Tales of The Cryptographer

Once upon a time most people thought that RSA encryption was unbreakable, until a cryptographer demonstrated a plaintext-recovery attack. The attack, a.k.a cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 million message attack, became instant classic and is cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 root of all error oracle attacks including padding oracle. It was 20 years ago.

There were a lot of criticisms against cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Digital Signature Algorithm when it was introduced in cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 early 90s, but nobody actually came up with any concrete attacks, until a cryptographer demonstrated a private key-recovery attack. The attack, which exploits a leakage of a fraction of a bit, became legendary, and still works against most naive implementations. It was 15 years ago.

Hal Finney, who was probably cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 person that designed or co-designed Bitcoin, was once excited about a signature-forging attack against RSA. The attack was discovered by a cryptographer, who developed an exploit using only paper and pencil. It turned out that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 attack can be used to forge CA certificates, which could be used, you know, to own cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet. It was 10 years ago.

There were a lot of complaints against JavaScript crypto, but most of cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m don’t actually show any concrete pitfalls, until a cryptographer showed a key-recovery attack against a JavaScript implementation of AES. The same cryptographer went on disclosing multiple key-recovery or plaintext-recovery attacks against several well-known JavaScript implementations of OpenPGP. It was 5 or 4 years ago.

Like it or not, people love rolling cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir own crypto. They read Bruce Schneier, and cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y know cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 fact that cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365mselves being incapable of breaking cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir own schemes does not give any security guarantee, so cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365y go to StackOverflow, and challenge random strangers on cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 Internet to prove cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365m wrong. Most answers are usually just as "OK, look good to me," but every once in a while cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365re’s a cryptographer who'd reply with cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365ir secret keys. The cryptographer was upset because his answer didn’t get cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 most upvotes, but he keeps coming back because he just can’t stop breaking crypto. It was just last week, or perhaps, yesterday.

You might have guessed that I’ve been talking about cá cược thể thao bet365_cách nạp tiền vào bet365_ đăng ký bet365 same cryptographer: Daniel Bleichenbacher. I didn’t know anyone else whose last name has almost become synonymous with most creative crypto attacks.

Comments