A downgrade attack happens when an older version of a protocol is used instead of a newer, more secure version.
A downgrade can be forced in some applications and protocols; examples are SSH, IPsec and PPPoE.
Usually, a downgrade gives an attacker the possibility of exploiting an old vulnerability in the protocol or in its implementation, e.g. a buffer overflow, weak encryption, …
Sunday, September 7, 2008
Downgrade
Tuesday, September 2, 2008
Google announces its own browser!
Google recently announced that it will build a new open-source browser, completely from scratch, dubbed Chrome.
According to Google, the browser will be faster, more secure and better adapted to the Web.
It's said to block JavaScript content from running outside of its tab and to feature Google's anti-malware database.
More insight on SecurityFocus
Posted by FR3DC3RV at 1:23 PM
Labels: Chrome, Google, Google's Browser, V8
Monday, September 1, 2008
Hash
A hash is a one-way cryptographic algorithm that returns a fixed-length result, which can’t be reversed to the initial value.
Before we delve into the history of hash functions, I’ll have to explain what collisions are:
Collisions occur when two different inputs result in the same output.
It’s impossible to develop a 100% collision-free hash algorithm, due to the fixed length of the output. How could you give 1 MB of input and receive 160 bits of output and expect the output to be always different?
However, there are good hash algorithms, which can make finding collisions very hard.
More on Collisions
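The pigeonhole argument above can be watched in action by shrinking the output. This is an added example, not code from the original post: it truncates SHA-256 to a few bits (a constructed toy hash; the function names and input strings are assumptions) and searches for two different inputs with the same digest.

```python
import hashlib
from itertools import count


def truncated_digest(data: bytes, bits: int) -> int:
    """Return the first `bits` bits of SHA-256(data) as an integer (toy hash)."""
    full = int.from_bytes(hashlib.sha256(data).digest(), "big")
    return full >> (256 - bits)


def find_collision(bits: int):
    """Hash distinct constructed inputs until two share a truncated digest.

    Returns (first_input, second_input, shared_digest, inputs_hashed).
    """
    seen = {}  # digest -> first input that produced it
    for i in count():
        msg = b"constructed-input-%d" % i
        digest = truncated_digest(msg, bits)
        if digest in seen:
            return seen[digest], msg, digest, i + 1
        seen[digest] = msg


def pigeonhole_bound(bits: int) -> int:
    """Number of distinct inputs after which a collision is unavoidable."""
    return 2 ** bits + 1


def birthday_work_bits(output_bits: int) -> int:
    """log2 of the hashes a generic birthday search needs: about 2^(n/2)."""
    return output_bits // 2


if __name__ == "__main__":
    for bits in (8, 16, 24):
        a, b, digest, tried = find_collision(bits)
        print(f"{bits:2d}-bit output: {a!r} and {b!r} -> {digest:#x} "
              f"after {tried} inputs (unavoidable by {pigeonhole_bound(bits)})")
    # Output sizes mentioned in this post, against a generic collision search
    for n in (128, 160, 512):
        print(f"{n}-bit hash: about 2^{birthday_work_bits(n)} hashes")
```

The search finds a collision long before the pigeonhole limit, which is why output length alone sets only an upper bound on collision resistance; the broken functions in the list below fall to attacks far cheaper than this generic search.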
Below there’s a list of the most common hash functions, their history, an example and whether they have known collision issues.
MD2
Message Digest Algorithm 2 was developed by Ronald Rivest in 1989. It returns a 128-bit output.
MD2("The quick brown fox jumps over the lazy dog")
= 03d85a0d629d2c442e987525319fc471
Rogier and Chauvaud have discovered collisions on MD2, and therefore it’s no longer considered a secure hash function.
More on MD2
MD4
Ronald Rivest also developed MD4, in 1990. It returns an output of 128 bits.
MD4("The quick brown fox jumps over the lazy dog")
= 1bee69a46ba811185c194762abaeae90
MD4 has also been considered insecure, due to the existence of collisions.
MD5
MD5 is one of the most widely used hash functions, if not the most. It is mostly used to check the integrity of files and to protect usernames from clear view.
Like its predecessors, it was developed by Ron Rivest, in 1991, and returns a 128-bit output.
MD5 is no longer secure, because it is relatively easy to find a collision. (On 18 March 2006, Klima published an algorithm able to find a collision in one minute, running on a notebook computer.)
MD5("The quick brown fox jumps over the lazy dog")
= 9e107d9d372bb6826bd81d3542a419d6
More on MD5
RIPEMD-160
RACE Integrity Primitives Evaluation Message Digest is a hash function developed by Hans Dobbertin, Antoon Bosselaers and Bart Preneel. It returns a 160-bit output.
There are also 128-, 256- and 320-bit versions of RIPEMD.
RIPEMD-160("The quick brown fox jumps over the lazy dog") =
37f332f68db77bd9d7edd4969571ad671cf9dd3b
More on RIPEMD family
SHA-1
The SHA (Secure Hash Algorithm) hash functions are a set of hash functions designed by the National Security Agency (NSA). SHA-1 produces an output of 160 bits; however, the SHA family can produce an output of up to 512 bits (SHA-512).
SHA-1 is also one of the most common hash functions.
SHA-1 is theoretically vulnerable to attacks, including collisions, although none has yet been shown to the public.
Due to such possible weaknesses, NSA has started the development of SHA-3, which will be selected from an open competition to be held in 2008, although it will only be made official in 2012.
SHA1("The quick brown fox jumps over the lazy dog")
= 2fd4e1c6 7a2d28fc ed849ee1 bb76e739 1b93eb12
More on the SHA family
WHIRLPOOL
Whirlpool (or WHIRLPOOL) is a hash function designed by Vincent Rijmen and Paulo S. L. M. Barreto. It returns a 512-bit output.
Whirlpool is used in FreeOTFE, TrueCrypt and other programs.
Whirlpool-0("The quick brown fox jumps over the lazy dog") =
4F8F5CB531E3D49A61CF417CD133792CCFA501FD8DA53EE368FED20E5FE0248C
3A0B64F98A6533CEE1DA614C3A8DDEC791FF05FEE6D971D57C1348320F4EB42D
As of now, there is no known weakness in Whirlpool.
More on Whirlpool
Note: The hash algorithms referred to here are used in a security context, and not to build hash tables. (What's a hash table?)
I'm back!
It's been a long time since I've last updated this blog.
But now I'm back!!
I've changed the theme, added more links, deleted the spam and re-edited some posts (namely the Evil Twin).
As a "gift" I will give you a brand new post regarding hash functions.
Posted by FR3DC3RV at 2:11 PM
