Threads for tonyb486

  1. 2

    The predictability of ECB is also a problem is you have an oracle:

    https://cryptopals.com/sets/2/challenges/12

    Lots of people know that when you encrypt something in ECB mode, you can see penguins through it. Not so many of them can decrypt the contents of those ciphertexts, and now you can. If our experience is any guideline, this attack will get you code execution in security tests about once a year.

    1. 1

      Yep! Those challenges are great. Another reminder that the smallest information leak can completely ruin a secure system. I’ll add that to the warning, since the post is mostly warnings anyway.

      I’ve done that one, too, a few years ago: https://github.com/tonyb486/cryptopals/blob/master/c12.py

    1. 2

      I’m updating my website and trying to write more about what I’ve been up to. I’ve done a fair bit of 3D printing lately, and I’ve been learning how to use OpenSCAD to design parts. I’d like to post some of these parts on my website (and thingiverse). To that end, I made an STL viewer using three.js so that I can display these parts more easily, and wrote it up as a post: