-
Questions for System Design Reviews
2019-05-12
Moving towards operationalizing system design reviews. What questions should a review team ask, or expect to be answered?
-
What is the Value-add of ssh-agent?
2019-01-14
The purpose of ssh-agent and observations how ssh-agent improves UX and security.
-
Fiat-Shamir Heuristic
2018-09-22
Overview and implementation of the Fiat-Shamir heuristic used to build signature schemes from interactive zero-knowledge proofs.
-
Building Lattice Reduction (LLL) Intuition
2017-07-25
My attempt to grok the Lenstra–Lenstra–Lovász (LLL) algorithm used for basis reduction.
-
Subgroup Confinement Attacks
2017-01-14
Subgroup confinement attacks can apply in offline and online contexts.
-
User-influenced Shell Commands Are Still Considered Harmful
2016-12-06
Non-obvious ways of getting code execution when testing code that uses user input to build shell commands.
-
The GGH Cryptosystem
2016-11-23
An introduction to lattice-based cryptography using the broken Goldreich–Goldwasser–Halevi (GGH) cryptosystem.
-
ASIS CTF 2016: RSA Write-up
2016-09-18
Breaking RSA with sequential prime key parameter generation.
-
Tokyo Westerns / MMA CTF: Twin Primes Write-up
2016-09-01
Decrypting RSA ciphertexts using correlated parameters.
-
Modifying IP Headers With netfilter
2016-08-20
Using netfilter to programmtically rewrite the source IP address of ICMP packets.