Laura Kaplan Never Give Up, Never Surrender

Port Scanning

When either defending or attacking a system, it is important to learn as much as you can about it. One way to do this is with port scanning. There are up to 65,535 ports which could be in use on a system. Understanding what these ports are and how they are used is critical from both a defensive and offensive perspective. This post covers some common/useful commands for port scanning....

Public Key Cryptography

Public key cryptography as first conceived by Diffie and Hellman in 1976 was simple: Alice encrypts a message meant for Bob with his public key and then Bob decrypts it with his private key. This allows secure communication between Alice and Bob since only Bob can decrypt the message intended for him, but anyone can send a secure message to Bob. However, Diffie and Hellman overlooked the more complex problem...

PKI Attacks

Public key infrastructure (PKI) has recently seen an upsurge in its adoption. Using TLS/SSL, the “S” in HTTPS, for web services is becoming the norm with web browsers like Mozilla now reporting seeing more secure traffic served over HTTPS than non-secure (HTTP) traffic. The SSL certificates used by HTTPS for encryption rely on PKI to provide server to client authentication. This is especially critical for e-commerce and online banking sites...

Number Theory

Number theory is the study of whole, positive numbers. Many of the concepts behind number theory were a part of my math classes as far back as elementary school. However, number theory is particularly important, especially as it relates to prime numbers, to cryptography. It turns out number theory has a real application in fields outside of math and physics which led me to revisit these more abstract concepts. Natural...

Modern Cryptography - Applied Mathematics for Encryption and Information Security

I originally picked up this book because the Stinson book (Cryptography Theory and Practice, 2006) that seems to be the de facto book for most crypto classes is heavy on the math and light on the explanation. This book proved to be a great supplement to Stinson, offering the high-level overview of concepts that Stinson often glosses over in exchange for more math formulas. Easttom specifically designed this book for...