researchcryptography

cryptography tls/ssl

tls and ssl cipher suites

TLS/SSL protocols support a large number of cipher suites. A cipher suite is a collection of symmetric and asymmetric encryption algorithms used by hosts to establish a secure communication. Supported cipher suites can be classified based on encryption algorithm strength, key length, key exchange and authentication mechanisms. Some cipher suites offer better level of security than others (e.g. Several weak cipher suites were developed for export to comply with US export law). There are more than 200 known cipher suites. Read more.

stunnel

tls, ssl

Stunnel allows a user to tunnel any TCP based application protocol through a connection secured by TLS/SSL. Read more.

openssl

OpenSSL is an open-source TLS/SSL toolkit implemented for a variety of platforms. In this article you will learn several openssl client and server commands useful in working with TLS/SSL protocol. Read more.

decrypting tls/ssl traffic with wireshark

Wireshark is capable of decrypting TLS/SSL traffic. This article will discuss the required conditions necessary for the decryption and walk you through the exact steps. Read more.

tls/ssl protocol

ssl, tls

Transport Layer Security (TLS) and Secure Sockets Layer (SSL) are two closely related protocols designed to protect confidentiality and integrity of data in transit between two hosts. Read more.

cryptography password cracking

automatic password rule analysis and generation

The field of password cracking has evolved by leaps an bounds over the last decade with the introduction of new cracking techniques, more advanced software and significantly faster hardware. One area which I find most fascinating is rule-based cracking. An attacker can develop a set of word mangling rules (e.g. substitute all 'a's to '@'s, upper-case every third letter, etc.) in order to attack non-random passwords which use slightly modified dictionary words. The purpose of this research is to develop an automated method of analyzing a large body of leaked passwords in order to come up with a list of frequently used words and rules to make up passwords. Read more.

john the ripper

John the Ripper is a multi-platform password cracking tool. Read more.

π
///\oo/\\\