# Monthly Archives: January 2014

## Matrix Algebra and a suggested Differential Cryptanalysis

There are two broad categories of cryptanalysis, linear cryptanalysis and differential cryptanalysis. [link uses the term “key” where this blog distinguishes “password” and “key” as concepts] A creative use for matrix multiplication is to multiply the matrix built from two comparable texts … Continue reading

## Salted hash tables defeat Rainbow Tables

Rainbow Tables are an attack to identify messages, usually key-material, that have been hashed. Long term, rainbow tables break hashes by destroying their efficacy. At this time [Jan 2014], most people regard MD5 as broken, and Microsoft is moving to … Continue reading

## Why do we modify passwords for a key, in implementation?

Best practice, when implementing an encryption algorithm, is to hash the password creatively, for use as a key. Under the accident that our key becomes compromised during its life cycle, the attacker can theoretically read other messages enciphered with the … Continue reading

## April 2013 standalone factorization of Fermat(9)

In Spring 1991, I was able to use a home-made [kludge] Arbitrary Integer Arithmetic called “Cruncher” to expand F(9) in decimal, and check Lenstra’s 1989 factorization, which I had seen published in Discovery magazine. I wrote it in GFA Basic, … Continue reading

## Speculative Data Assurance strategies: PROM’s

When we devise solutions, sometimes we have to enumerate them first, before we can think about them in sophisticated ways. RFID can harden [here’s how] two-factor authentication (something you have and something you know.) Perhaps PROM‘s can assist in a similar … Continue reading

## Experimental TEMPEST defeat for CPU’s.

“Tempesting,” is the verb for hardening a computer installation against radio-wave interception (and/or interference) from TEMPEST. This is a method of side-channel attack whose cost effectiveness has not been easily evaluated by the public. The known defeat is a Farady … Continue reading