In this blog post we introduce a toy cipher on which we demonstrate the principles of differential cryptanalysis. We implemented our attack in Python in order to raise the understanding of differential cryptanalysis.
In this blog post we present a Bayesian statistical model to detect cryptographic timing attacks. This model is one of the results of a customer hardware assessment performed by the SCHUTZWERK GmbH. The assessment was performed in a gray box context, i.e., we were able to interact with the encryption hardware, but were not given any internal implementation details.
This year, SCHUTZWERK is not only a sponsor of Elbsides , but will also hold a talk on June 22, 2021 at 4:10 p.m. The topic of our colleague Dr. Henning Kopp will be ‘Padding Oracle Attacks - The critical bug in your home-brewed crypto protocol’
This first blog post in our series about differential cryptography describes the design of symmetric block ciphers. These are encryption algorithms, where the same secret key is used for encryption and decryption.
In software dealing with security, randomness is often necessary to generate keys or tokens for resetting passwords or identifying sessions. There, randomness is required to be unpredictable for an attacker. However, sometimes developers do not use cryptographically secure pseudo random number generators (CSPRNG) in this scenario. Instead they utilize faster pseudorandom number generators (PRNG). Consequently, the question arises how hard it is to attack a common (not cryptographically secure) random number generator.
This article highlights some of the issues concerning the current state of post quantum cryptography.