Defcon CTF 2009 write up comic posted November 2014
The Sapheads team draw a comic as a write up for the finale of the Defcon CTF in 2009. Since it's a classic here it is
comment on this storyHey! I'm David, cofounder of zkSecurity and the author of the Real-World Cryptography book. I was previously a crypto architect at O(1) Labs (working on the Mina cryptocurrency), before that I was the security lead for Diem (formerly Libra) at Novi (Facebook), and a security consultant for the Cryptography Services of NCC Group. This is my blog about cryptography and security and other related topics that I find interesting.
Quick access to articles on this page:
more on the next page...
The Sapheads team draw a comic as a write up for the finale of the Defcon CTF in 2009. Since it's a classic here it is
comment on this storyI was in Bucharest for two weeks and look what I ran into!
I feel like I don't write much about my formation, and that it could be useful to people who are wondering about studying Cryptography at Bordeaux University.
There is a good article from a M1 student here: http://journaldumaster.stats.yt/master-csi-presentation/
And as it says there, the master 1 is do-able both for maths and CS people as long as you're willing to catch up in the other subject. There's a lot of theory that will allow you to study more interesting subjects in the second year of Master.
I've talked about some of the subjects but one subject I forgot to talk about was a M1 class: Elliptic Curves, taught by Fabien Pazuki and if you have the chance of taking a class from the guy just do it. He's one of the best math teacher I have had in my life, along with Vincent Borrelli (Surfaces & Curves at Lyon 1) and some dude I can't remember the name of. Each one of them were both really passionate and making true efforts to be pedagogical.
comment on this storyI've run into a nice series of video called "hack of the day" from Vivek-Ramachandran.
In this first video he explains two techniques :
I also got nice tips like the examining string function in gdb : x/s $ebx
or the folder usr/include/asm
that contains plenty of information about assembly.
The full playlist can be found on securitytube.net
comment on this storyA new attack on SSL 3.0 has been discovered. It's relevant because most browsers (except for Opera) allow a downgrade to SSL 3.0 if it cannot seem to use newer versions. Of course an attacker could disturb the connection and force someone to use SSL 3.0 in order to use the POODLE attack.
Full and clear explanation here
You might want a reminder of what is CBC to read it:
tl;dr: attack happens because of the way padding works in CBC in SSL 3.0
comment on this storyIt's old but I just discovered it! And since it's not always fun to learn a new text editor, especially one like vim, here's a fun way to do just that!
A new year starting means new erasmus coming. And this year I've done things a bit differently, instead of just meeting the newcomers I've joined the Erasmus association of Bordeaux "Inter'action Bordeaux" and I've helped them organized many events. Parties of course but also some really cool stuff like:
Aside from participating in this new adventure, I've also started taking Korean classes at the same place where I was taking russian classes last year. And I already learned how to write/read korean. It's actually not that hard at all and if you have a few hours to spare you could learn it too :)
I forgot that I also spent quite some time learning Romanian on Memrise this summer and I fell in love with Memrise again. I was actually the first of many romanian classes rankings for many weeks.
comment on this storyKen Shirriff, still writing about bitcoin, has found a new hobby: mining bitcoin blocs with only a paper and a pen.
comment on this storyMy book Real-World Cryptography is finished and shipping! You can purchase it here.
If you don't know where to start, you might want to check these popular articles:
Here are the latest links posted:
You can also suggest a link.