| George Carlin INVOICE | |
| carlin@example.org | |
| To: Invoice #6 | |
| Stephen Hawking Date: May 13, 2014 | |
| hawking@example.org | |
| +-----------------------------------------------------------------+ | |
| | Quantity | Description | Unit Price | Total | |
| <?php | |
| /* | |
| * Backdooring the constant-time comparison algorithm. | |
| * Taylor Hornby. Feburary 28, 2015. | |
| * | |
| * THIS CODE IS INTENTIONALLY BACKDOORED. DO NOT USE IT! | |
| */ | |
| /* ========================================================================= */ |
| <?php | |
| // Broken crypto code from https://github.com/slimphp/Slim/blob/develop/Slim/Crypt.php | |
| function validateKeyLength($key, $module) | |
| { | |
| $keySize = strlen($key); | |
| $keySizeMin = 1; | |
| $keySizeMax = mcrypt_enc_get_key_size($module); | |
| $validKeySizes = mcrypt_enc_get_supported_key_sizes($module); | |
| if ($validKeySizes) { | |
| if (!in_array($keySize, $validKeySizes)) { |
| <?php | |
| /* | |
| * Padding oracle attack against https://github.com/keboola/php-encryption | |
| * By: Taylor Hornby. | |
| * Date: March 14, 2014. | |
| */ | |
| /* Download the two files and place in the same folder. */ | |
| require_once('EncryptorInterface.php'); |
| <?php | |
| /* | |
| * This code is copied from | |
| * http://www.warpconduit.net/2013/04/14/highly-secure-data-encryption-decryption-made-easy-with-php-mcrypt-rijndael-256-and-cbc/ | |
| * to demonstrate an attack against it. Specifically, we simulate a timing leak | |
| * in the MAC comparison which, in a Mac-then-Encrypt (MtA) design, we show | |
| * breaks confidentiality. | |
| * | |
| * Slight modifications such as making it not serialize/unserialize and removing |
| Finger in the Middle Contest | |
| ================================= | |
| Players: | |
| Defender - Tries to send a fingerprint over an insecure channel and wins iff | |
| they (1) detect every attack, or (2) successfully transfer the | |
| fingerprint. | |
| Attacker - Tries to modify the fingerprint sent over the channel. |
In this document I try to answer the question: Are PRFs secure commitment schemes?
Note: This document is just a sketch of my thoughts. Please interpret the notation and reasoning charitably!
Definition: Strong Computational Hiding
You trust t notaries. Suppose at some point in time,
We can choose m, the maximum number of notaries to query before giving up, and r, the minimum number of required root matches. Select a random m-size subset of the trusted notaries. Then:
| #!/usr/bin/env ruby | |
| # This is a simulation of the advantage an attacker can get by following | |
| # a particular selfish mining strategy that works when the sequential PoW | |
| # running time is of the same order as the block target time. The simulation | |
| # assumes instant block propagation, so the advantage this simulation computes | |
| # is *on top of* the advantage gained by doing regular selfish mining. | |
| # The network is made up of Equihash Machines. Equihash Machines are either | |
| # Attacker Machines or Normal Machines. Normal Machines and Attacker Machines |
Computers are machines that do math really fast. We program them to solve calculation problems that are useful to us, like predicting tomorrow's weather or telling you how to avoid all of the construction on your way to work so that you get there fast. You can think of using a computer as giving it some information as an input (a list of construction sites), running the computer, and then getting some information back out (the best route to work). Computers are good at solving a lot of useful calculation problems, but there are other important problems that computers seem really bad at solving.
Quantum computers are a hypothetical kind of computer based on the laws of quantum mechanics. They can solve some of the problems that seem hard for regular computers by using a different kind of information: "quantum information." Quantum information is stored in tiny particles like electrons and photons; you can't write it down on paper. So f
