Student Focus – WhatsApp Security

This is a guest post by Aleksandr Mylnikov, who did his semester project under JP Aumasson during his master's at EPFL, co-supervised by Prof. Arjen Lenstra. This post summarizes part of his work, thanks Alex! This part-time research project started in February 2017 and finished middle of June 2017. The goal was to understand WhatsApp's network architecture … Continue reading Student Focus – WhatsApp Security

Crypto challenge, 10 Ether of prizes

Kudelski Security is launching a new crypto challenge for Black Hat. It starts today and ends on July 25th at our private party in Las Vegas. The challenge and instructions are available at In short, here's how it works: We give you the code of a service running on some remote host. As you'll find out, … Continue reading Crypto challenge, 10 Ether of prizes

Meet Us in Vegas

For the yearly migration to the insanity of Vegas infosec and hacking conferences, we're coming with some new research that we'll present at all the three sacred sites: Black Hat, then BSides, and finally at Defcon's Crypto Village. Automated Testing of Crypto Software Using Differential Fuzzing is a joint work with Yolan Romailler, whose masters … Continue reading Meet Us in Vegas

Should Curve25519 keys be validated?

While analyzing Signal with Markus, I noticed that Signal's Curve25519-based ECDH doesn't validate public keys, and in particular will accept the 0 point as a public key—leading to a shared secret equivalent to 0 regardless of the value of the private key scalar. In contrast, libsodium will return an error if the shared secret happens … Continue reading Should Curve25519 keys be validated?

Auditing code for crypto flaws: the first 30 minutes

Auditing your code for proper crypto use is extremely important.  However, what if it's not generally your focus?  If your job today is to find flaws in the cryptographic components of application א, where should you start? I like to start an audit by checking which crypto primitives are used. This often gives you an idea of … Continue reading Auditing code for crypto flaws: the first 30 minutes

On CIA Crypto

On Tuesday, Wikileaks released a tranche of alleged Top Secret CIA documents, many involving explanations of their cryptographic requirements.   Reading through the documents turned out to be anticlimactic, the CIA’s cryptographic requirements are pretty boring, and that is how it usually works in cryptography. Quoting from the document, "These requirements are intended to ensure a … Continue reading On CIA Crypto

Why Replace SHA-1 with BLAKE2?

Unless you've lived under a rock for the last twelve years, you must know that the cryptographic hash function SHA-1 is broken, in the sense that it's not as secure as it should be: SHA-1 produces 160-bit digests, meaning that finding a collision (or two messages hashing to the same value) should take approximately 280 operations, … Continue reading Why Replace SHA-1 with BLAKE2?