Hey! I'm David, a security engineer at the Blockchain team of Facebook, previously a security consultant for the Cryptography Services of NCC Group. This is my blog about cryptography and security and other related topics that I find interesting.

# Starfighterposted March 2015

Thomas Ptacek had left Matasano, 2 years after selling to NCC, and I spotted him talking about a new "hiring" kind of company on hackernews... Well today they announced what is going to be a new kind of hiring process. After the revolution of education with Coursera and other MOOC (Massive Open Online Courses), now comes the revolution of hiring. It's called Starfighter and it will be live soon.

comment on this story

# Pretty diagrams with Tikz in LaTeXposted March 2015

Because studying Cryptography is also about using LaTeX, it's nice to spend a bit of time understanding how to make pretty documents. Because, you know, it's nicer to read.

Here's an awesome quick introduction of Tikz that allows to make beautiful diagram with great precision in a short time:

And I'm bookmarking one more that seems go way further.

comment on this story

# GPS tracking device in real life!posted March 2015

I've only seen that in movies. Not that it couldn't exist, it's just "fun" to see that happen in real life as well.

The story is here. It's about someone's car which got "bugged". It was discovered while X was at the Circumvention Tech Festival in Valencia, Spain.

more pictures there

comment on this story

# Funny matasano job postposted March 2015

I stumbled on this funny job post from jeff jarmoc:

This thread will, no doubt, be dominated by posts with laundry lists of requirements. Many employers will introduce themselves by describing what they want from you. At Matasano, we're a little different. We like to start by telling you about us. This month, I want to try to do that by drawing analogy to Mission Impossible.
What made the original show so great is exactly what was lost in the 'Tom Cruise takes on the world' reboot. The original 1960's and 70's Mission Impossible was defined primarily by a team working together against all odds to achieve their objective. It acknowledged that what they were doing was improbable, and more so for a solo James Bond or Tom Cruise character. As a team though, each character an expert in their particular focus area, the incredible became credible -- the impossible, possible.

the rest is here: https://news.ycombinator.com/item?id=9127813

comment on this story

# Freak Attackposted March 2015

If you're up to date on crypto news you will tell me I'm slow. But here it is, my favorite explanation of the recent Freak Attack is the one from Matthew Green here

TLS uses a cipher suite during the handshake so that old machines can still chat with new machines that use new protocols. In this list of ciphers there is one called "export suite" that is a 512bits RSA public key. It was made by the government back then to spy on foreigners since 512bits is "easy" to factor. The vulnerability comes from the fact that you can still ask a server to use that 512bits public key (even though it should have been removed a long time ago). This allows you to make a man in the middle attack where you don't have to possess a spoofed certificate. You can just change the cipher request of the client during the handshake so that he would ask for that 512bits key. 36% of the servers out there would accept that and reply with such a key. From here if we are in the middle we can just factor the key and use that to generate our own private key and see all the following exchange in clear.

comment on this story

# How to memorise a 20 item (and upto 1000 item) grocery list.posted March 2015

someone asked on Quora: What can I learn/know right now in 10 minutes that will be useful for the rest of my life?

And someone delivered! It's called the peg method, and it allows you to remember words in the long term really quickly. I knew about other techniques like creating a story where each words is like a double linked list of event or using each words as obstacles in a mental path. But this one seems way more useful and practical. But contrary to the other techniques, you have to memorize a few things before being able to use it:

I know it's not cryptography :) but from the header:

This is my blog about cryptography and security and other related topics that I find interesting.

Thanks @Loïs!

comment on this story

# Kasumiposted March 2015

KASUMI is a block cipher used in UMTS, GSM, and GPRS mobile communications systems. In UMTS, KASUMI is used in the confidentiality (f8) and integrity algorithms (f9) with names UEA1 and UIA1, respectively. In GSM, KASUMI is used in the A5/3 key stream generator and in GPRS in the GEA3 key stream generator.

KASUMI

(and Katsumi/Katsuni is a very famous french porn actress)

comment on this story

# The story behind Schneier's lawposted March 2015

...what I think of as Schneier's Law: "any person can invent a security system so clever that she or he can't think of how to break it."

It's pretty old but 4 years ago Schneier wrote a bit about the story behind it: check it out here.

comment on this story

# Invisibility glassesposted March 2015

AVG will reveal its new product: Invisibility glasses at pepcom barcelona.

It seems to be some kind of glasses you wear so that cameras and facial recognition softwares won't recognize you, it works by displaying lights that are only visible to cameras and not human eyes

comment on this story

# Keep in touch with cryptoposted February 2015

I have collected a list of 60 blogs about cryptography and security. If you feel like one is missing or one shouldn't be here please tell me! The list is here

Here's the list if you hate RSS:

# The ghetto way of extracting the private key of superfishposted February 2015

A realy entertaining piece by Errata Security where Robert Graham ghetto reverse the current controversial superfish of Lenovo.

The goal is to set the right break point before it actually infects your machine -- reversers have been known to infect themselves this way.

his ghetto way of reversing is first to infect himself with the "virus" and then using procdump to dump the process memory. Then dumping all the strings that the memory contains with the tool strings and voila. You have have the private certificate in the clear.

But the private certificate is protected by a passphrase. But apparently not, it was just protected by a password contained in the memory in clear as well...

I advise you to read the article, it comes with screenshots and nice commands that use text processing tools:

grep "^[a-z]*\$" super.txt | sort | uniq > super.dict

spoiler alert, the password to protect the certificate is komodia the name of the company who created this mitm adware.

Note that if they would have used an RSA whitebox this would not have happened... so quickly.

comment on this story

# Big Numbersposted February 2015

An amazing story by Scott Aaronson on Big Numbers.

Keywords: exponential growth, NP-complete problems, Ackermann sequence, Turing Machine, Halting Problem, Busy Beaver,

some quotes :)

In an old joke, two noblemen vie to name the bigger number. The first, after ruminating for hours, triumphantly announces "Eighty-three!" The second, mightily impressed, replies "You win."

Consider, for example, the oft-repeated legend of the Grand Vizier in Persia who invented chess. The King, so the legend goes, was delighted with the new game, and invited the Vizier to name his own reward. The Vizier replied that, being a modest man, he desired only one grain of wheat on the first square of a chessboard, two grains on the second, four on the third, and so on, with twice as many grains on each square as on the last. The innumerate King agreed, not realizing that the total number of grains on all 64 squares would be 264-1, or 18.6 quintillion—equivalent to the world’s present wheat production for 150 years.

Rado called this maximum the Nth "Busy Beaver" number. (Ah yes, the early 1960’s were a more innocent age.)

To solve the Halting Problem for super machines, we’d need an even more powerful machine: a ‘super duper machine.’ And to solve the Halting Problem for super duper machines, we’d need a ‘super duper pooper machine.’

If we could run at 280,000,000 meters per second, there’d be no need for a special theory of relativity: it’d be obvious to everyone that the faster we go, the heavier and squatter we get, and the faster time elapses in the rest of the world. If we could live for 70,000,000 years, there’d be no theory of evolution, and certainly no creationism: we could watch speciation and adaptation with our eyes, instead of painstakingly reconstructing events from fossils and DNA. If we could bake bread at 20,000,000 degrees Kelvin, nuclear fusion would be not the esoteric domain of physicists but ordinary household knowledge.

But do people fear big numbers? Certainly they do. I’ve met people who don’t know the difference between a million and a billion, and don’t care. We play a lottery with ‘six ways to win!,’ overlooking the twenty million ways to lose. We yawn at six billion tons of carbon dioxide released into the atmosphere each year, and speak of ‘sustainable development’ in the jaws of exponential growth.

comment on this story

# Using crypto to replace database access.posted February 2015

A pretty fresh article on how you could use crypto to replace a lot of complicated schemes you might use on your website like password reset or mail confirmation:

tl;dr: instead of creating a table for tokens, you could create the password reset url like this:

and at the place of the token you would put the output of a MAC. Checking the MAC again after receiving the url would confirm that YOU created that url and it has not been modified. Remember, MAC provides integrity and authentication. The author also provides a way to only render this usable once: use the original hashed password as a nonce.

comment on this story

# Babun, Cmder and Tmuxposted February 2015

I've used Cmder for a while on Windows. Which is a pretty terminal that brings a lot of tools and shortcuts from the linux world. I also have Chocolatey as packet manager. And all in all it works pretty great except Cmder is pretty slow.

I've ran into Babun yesterday, that seems to be kind of the same thing, but with zsh, oh-my-zsh and another packet manager: pact. The first thing I did was downloading tmux and learning how to use it. It works pretty well and I think I have found a replacement for Cmder =)

Here is a video of what is tmux: