Category: Cryptography

Read about the different types of encryption, tunneling protocols, e-mail encryption protocols, and Public Key Infrastructure

The Need-to-Know Encryption Algorithms

We use encryption for a lot of things...a LOT. For example, we use encryption to protect our web traffic, file transfers, emails, and data storage. It plays a big role in cybersecurity; it's what provides us the data confidentiality we need. Below is a helpful table that summarizes the encryption algorithms required to know for ...

The Recent 4G LTE Network Vulnerabilities and Attacks

In this blog post, I'll discuss the design and operation of a 4G LTE network. In hindsight, I realize topics such as these can get extremely lengthy. For that reason, I'll limit this discussion down to only the necessary technical details required to understand these new LTE attacks, while excluding any complicating, non-essentials. These new ...

PenTest Edition: Capture Images That Network Users Are Looking at Using Driftnet and WebSploit

WebSploit is an advanced MitM framework of penetration testing tools used to assess wired/wireless network security, web vulnerabilities, and exploitation techniques. This demonstration uses the network/mitm module to set up a Man-in-the-Middle (MitM) attack between the target and the gateway in addition to using Driftnet to steal any unencrypted (and possibly encrypted) images that the ...

HTTPS: The TLS Handshake Using Diffie-Hellman Ephemeral

A client securely connects to a web server via the TLS 1.2 transport encryption protocol. This is a process that starts with asymmetric cryptography and ends with symmetric cryptography. As a refresher, recall that asymmetric cryptography uses a public and private key pair, whereas symmetric cryptography uses only one shared key. I published a blog ...