Hey! I'm David, a security engineer at the Blockchain team of Facebook, previously a security consultant for the Cryptography Services of NCC Group. This is my blog about cryptography and security and other related topics that I find interesting.

# How to deal with multiple passwordsposted November 2014

I was reading some articles on the security blog of stackexchange. Ended up there reading articles/comments from Thomas Pornin who is one of the best answerer on stackoverflow.

I ran into this one intitled Is our entire password strategy flawed?

I wanted to bring my point of view on how to deal with multiple passwords. I don't necessarily do this because it's not practical but I'm trying more and more.

So if I were to be extremely paranoiac I would:

1. use a password manager like 1Password for websites you don’t really care.
3. use multi-factor authentification for critical websites.

I've never used 1Password but it seems to generate passwords on the fly when you need to sign up on a new website. It's pretty cool! But a problem arises when you need to login on some website when you're not using your computer. If you don't know the passwords it created then you will always be dependent of this password manager.

## 2. Memorise

A good idea would be to hash the name of the website + some salt only you know, and use it as a password. All of that in your head. That's what one of the famous Blum proposes. More here. He appeared to have invented a hash you could compute mentally.

## 3. Two-Factor Authentification

I really like the yubikey (and own one). It's literally a secret key. Every time I need to log into gmail from a cybercafe I wish I had it configured with my yubikey.

## Bonus

comment on this story

# Mathematical “urban legends”posted November 2014

a topic on the math version of stackoverflow, filled with funny stories, anecdotes, urban legends about mathematicians. If you're like me you're gonna love every bit of it.

http://mathoverflow.net/questions/53122/mathematical-urban-legends

Although David Hilbert was one of the first to deal seriously with infinite-dimensional complete inner product spaces, the practice of calling them after him was begun by others, supposedly without his knowledge. The story goes that one day a visitor came to Göttingen and gave a seminar about some theorem on "Hilbert spaces". At the end of the lecture, Hilbert raised his hand and asked, "What is a Hilbert space?"

When the logician Carnap was immigrating to the US, he had the usual consular interview, where one of the questions was (and still is, I think): "Would you favor the overthrow of the US government by violence, or force of arms?". He thought for a while, and responded: "I would have to say force of arms..."

comment on this story

# For Sale: 50,000 Bitcoinsposted November 2014

Just a few weeks after Silk Road 2.0 and its owner got seized, the US government posted this:

THIS SEALED BID AUCTION IS FOR A PORTION OF THE BITCOINS CONTAINED IN WALLET FILES THAT RESIDED ON CERTAIN COMPUTER HARDWARE BELONGING TO ROSS WILLIAM ULBRICHT, THAT WERE SEIZED ON OR ABOUT OCTOBER 24, 2013 (“COMPUTER HARDWARE BITCOINS”).

Apparently it's from the first Silk Road. Pretty comical.

comment on this story

# SineRider: play with functionsposted November 2014

Ever fiddled with your TI-8x or played LineRider? Well this guy combined both and it looks awesome!

the game is here: http://sineridergame.com/

comment on this story

Scott Aaronson found a 1994 issue of Cryptolog an internal newsletter at the NSA. He's quoting funny extracts from one of its article about a field trip at the 1992 Eurocrypt Conference.

Those of you who know my prejudice against the “zero-knowledge” wing of the philosophical camp will be surprised to hear that I enjoyed the three talks of the session better than any of that ilk that I had previously endured. The reason is simple: I took along some interesting reading material and ignored the speakers. That technique served to advantage again for three more snoozers, Thursday’s “digital signature and electronic cash” session, but the final session, also on complexity theory, provided some sensible listening.

more on his blog: http://www.scottaaronson.com/blog/?p=2059

comment on this story

# Hack Summitposted November 2014

The next Hack Summit will happen entirely online and will start on December the 1st.

An amazing line up of people will be giving talks: David Heinemeier Hansson (creator of Ruby on Rails), Tom Chi (creator of Google Glass), Hakon Wium Le (creator of CSS), Bram Cohen (creator of Bittorrent), Brian Fox (creator of Bash), Hampton Catlin (creator of Sass and Haml), and many more interesting persons and even....... Jon Skeet (#1 answerer on StackOverflow). This is gonna be huge!

comment on this story

# Pseudo Random Number Generators using a block cipher in CTR modeposted November 2014

I was wondering why Randomized Algorithm were often more efficient than non-randomized algorithm.

Then I looked at a list of random number generators (or RNG).

Of course we usually talk about PRNG (Pseudo Random Number Generator) since "truly random" is impossible/hard to achieve.

An interesting thing I stumbled into is that you can create a PRNG using a block cipher in counter mode, by iterating the counter and always encrypting the same thing, if the block cipher used is good, it should look random.

This sounds solid since ciphers sometimes need to have Ciphertext Indistinguishability from random noise.

To support such deniable encryption systems, a few cryptographic algorithms are specifically designed to make ciphertext messages indistinguishable from random bit strings

Also under the Ciphertext indistinguishability property that a cipher should respect, you shouldn't be able to find any relations between the ciphertexts coming from the same input but encrypted with an increasing counter.

1 comment

# MicroCorruptionposted November 2014

MicroCorruption is a "game" made by Matasano in which you will have to debug some programs in assembly. There is a total of 19 levels and it gets harder and harder by the number. The first levels are made for beginners though! So it seems like a great tool to learn, and that's what our prof Emmanuel Fleury must have thought when he gave us this as homework. One rule: every level is worth one point.

I started writing the solutions here but as people told me "it was unethical to post solutions of a challenge online", I promptly removed them. If someday the challenge will shut down I will post the write ups online so that people can still learn from it :)

# Bitcoin Romaniaposted November 2014

I was in Bucharest for two weeks and look what I ran into!

1 comment

# Elliptic Curvesposted October 2014

I feel like I don't write much about my formation, and that it could be useful to people who are wondering about studying Cryptography at Bordeaux University.

There is a good article from a M1 student here: http://journaldumaster.stats.yt/master-csi-presentation/

And as it says there, the master 1 is do-able both for maths and CS people as long as you're willing to catch up in the other subject. There's a lot of theory that will allow you to study more interesting subjects in the second year of Master.

I've talked about some of the subjects but one subject I forgot to talk about was a M1 class: Elliptic Curves, taught by Fabien Pazuki and if you have the chance of taking a class from the guy just do it. He's one of the best math teacher I have had in my life, along with Vincent Borrelli (Surfaces & Curves at Lyon 1) and some dude I can't remember the name of. Each one of them were both really passionate and making true efforts to be pedagogical.

comment on this story

# Hack of the Day: How do I run untrusted shell code?posted October 2014

I've run into a nice series of video called "hack of the day" from Vivek-Ramachandran.

In this first video he explains two techniques :

• jump-call-pop
• xor decoding

I also got nice tips like the examining string function in gdb : x/s \$ebx or the folder usr/include/asm that contains plenty of information about assembly.

The full playlist can be found on securitytube.net

comment on this story

# POODLE: new attack on SSLposted October 2014

A new attack on SSL 3.0 has been discovered. It's relevant because most browsers (except for Opera) allow a downgrade to SSL 3.0 if it cannot seem to use newer versions. Of course an attacker could disturb the connection and force someone to use SSL 3.0 in order to use the POODLE attack.

Full and clear explanation here

You might want a reminder of what is CBC to read it:

tl;dr: attack happens because of the way padding works in CBC in SSL 3.0

comment on this story

It's old but I just discovered it! And since it's not always fun to learn a new text editor, especially one like vim, here's a fun way to do just that!

comment on this story

# Erasmus & Koreanposted October 2014

A new year starting means new erasmus coming. And this year I've done things a bit differently, instead of just meeting the newcomers I've joined the Erasmus association of Bordeaux "Inter'action Bordeaux" and I've helped them organized many events. Parties of course but also some really cool stuff like:

• A welcome erasmus week-end in a camping next to the Sanguinet lake (and for the first time of my life I slept on the beach! Not really comfy).

• The Feria of Bordeaux, and no worries, no animals were injured, it was more like a silly cow running around people :)

Aside from participating in this new adventure, I've also started taking Korean classes at the same place where I was taking russian classes last year. And I already learned how to write/read korean. It's actually not that hard at all and if you have a few hours to spare you could learn it too :)

I forgot that I also spent quite some time learning Romanian on Memrise this summer and I fell in love with Memrise again. I was actually the first of many romanian classes rankings for many weeks.

comment on this story