Read about the different types of encryption, tunneling protocols, e-mail encryption protocols, and Public Key Infrastructure
Category: Cryptography
The Need-to-Know Encryption Algorithms
We use encryption for a lot of things...a LOT. For example, we use encryption to protect our web traffic, file transfers, emails, and data storage. It plays a big role in cybersecurity; it's what provides us the data confidentiality we need. Below is a helpful table that summarizes the encryption algorithms required to know for ...
The Recent 4G LTE Network Vulnerabilities and Attacks
In this blog post, I'll discuss the design and operation of a 4G LTE network. In hindsight, I realize topics such as these can get extremely lengthy. For that reason, I'll limit this discussion down to only the necessary technical details required to understand these new LTE attacks, while excluding any complicating, non-essentials. These new ...
PenTest Edition: Capture Images On Your Home Network Using Driftnet and WebSploit
WebSploit is an advanced MitM framework of penetration testing tools used to assess wired/wireless network security, web vulnerabilities, and exploitation techniques. This demonstration uses the network/mitm module to set up a Man-in-the-Middle (MitM) attack between the target and the gateway in addition to using Driftnet to steal any unencrypted (and possibly encrypted) images that the ...
HTTPS: The TLS Handshake Using Diffie-Hellman Ephemeral
A client securely connects to a web server via the TLS 1.2 transport encryption protocol. This is a process that starts with asymmetric cryptography and ends with symmetric cryptography. As a refresher, recall that asymmetric cryptography uses a public and private key pair, whereas symmetric cryptography uses only one shared key. I published a blog ...
Breaking HTTPS with a Proxy
I have previously discussed other ways to decrpyt HTTPS traffic, such as sslstrip and key logging, but let's discuss another way. When you link to a Web site, you're hopefully using HTTPS and not HTTP. Our Web traffic used to be encrypted using Netscape's "Secure Sockets Layer version 3 (SSLv3)"; however, due to some inherent ...
The Cybersecurity Man 