2017 Security Recap

Cryptographers and security researchers have a penchant for coming up with colorful acronyms and names that describe, in brief, a vulnerability or exposure. Some of them are BEAST, CRIME, ShellShock, SLOTH, POODLE, Lucky 13, Sweet32, Smurf, Petya, BlackNurse, FREAK, DROWN, BREACH, LOGJAM, HeartBleed, CloudBleed, TicketBleed, Fireball, CLOAK and DAGGER, WANNACRY, SambaCry, HIDDEN COBRA, BroadPwn, Blueborne, ...

First SHA-1 collision, birthday paradox, should you rehash your will?

One of the most important properties of a cryptographic hash function is that of “strong collision resistance”, that is, it should be “computationally infeasible” to find distinct inputs x, x’ such that hash(x) = hash(x’).

For the SHA-1 hash function, which generates a 160-bit hash, to have strong collision resistance, only ...

LTE Crypto — safe, stateful computations in purely functional language Haskell

Snow 3G is one of the two algorithms (the other being AES) used in LTE (4G) mobile networks. The specifications for LTE come from the standards body 3GPP and include the specification and a reference implementation in C for the Snow 3G algorithm. There is an algorithm for confidentiality (encryption/decryption), and an algorithm for ...