Wednesday, August 27, 2014

Diffie–Hellman




For those of us who know network security, the IPsec VPN is very familiar, and so is the Diffie–Hellman key exchange it uses to establish a secure connection. In short, a VPN is a way to communicate privately and securely over a public network, basically the internet. Companies use it between their branches, and employees use it to connect to their company's network from outside the company premises.

Now the problem is that the key used to encrypt the connection shouldn't be sent over it, since that would risk compromising the connection. This is where the Diffie–Hellman key exchange algorithm comes in handy: it is an asymmetric algorithm that generates a secret key. Asymmetric means different keys are used to encrypt and decrypt, while secret means the same key is used in both operations.

So how does that work? Take the famous Alice and Bob. They both agree on a base number, let's say 5, then each chooses a secret number: let's say Alice chooses 2 and Bob chooses 3. Each of them adds this secret number to the common number, so Alice has 7 and Bob has 8. They then send those numbers to each other, so Alice now has 8 and Bob has 7. Each then adds their own secret number to the number they received, and voilà, they both have the same number, which is 10, and this is the key they will use for the rest of the connection.

Of course, it is a more complicated algorithm in real life; you can check it here: Diffie–Hellman key exchange - Wikipedia, the free encyclopedia
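The simplified addition exchange above, next to the textbook modular-exponentiation form of Diffie–Hellman, as an added example that is not part of the original post. The function names and the small parameters (p = 23, g = 5, private values 6 and 15) are constructed for illustration, and the base is assumed to be visible to an observer, as g and p are in the real protocol.

```python
"""Added example: the post's additive toy vs. textbook Diffie-Hellman.
All numbers are constructed; real groups use primes of 2048 bits or more."""

def toy_additive(base, a_secret, b_secret):
    """The post's simplified exchange: each side sends base + secret."""
    a_public, b_public = base + a_secret, base + b_secret
    a_key = b_public + a_secret      # Alice adds her secret to Bob's value
    b_key = a_public + b_secret      # Bob adds his secret to Alice's value
    return a_public, b_public, a_key, b_key

def observer_key_additive(base, a_public, b_public):
    """Why the toy is only a teaching aid: addition is trivially undone,
    so anyone who sees the exchanged values can rebuild the key."""
    a_secret = a_public - base
    return b_public + a_secret

def dh_public(g, p, private):
    """Public value g^private mod p; undoing this is the discrete-log problem."""
    return pow(g, private, p)

def dh_shared(peer_public, p, private):
    """Shared secret peer_public^private mod p, after validating the peer value."""
    # Reject 0, 1 and p-1: they force the shared secret into a tiny known set.
    if not 1 < peer_public < p - 1:
        raise ValueError("peer public value out of range")
    return pow(peer_public, private, p)

def dh_exchange(g, p, a_private, b_private):
    """Run both sides; only the two public values ever cross the network."""
    a_public, b_public = dh_public(g, p, a_private), dh_public(g, p, b_private)
    a_key = dh_shared(b_public, p, a_private)
    b_key = dh_shared(a_public, p, b_private)
    return a_public, b_public, a_key, b_key

if __name__ == "__main__":
    print(toy_additive(5, 2, 3))            # (7, 8, 10, 10)
    print(observer_key_additive(5, 7, 8))   # 10
    print(dh_exchange(5, 23, 6, 15))        # (8, 19, 2, 2)
```

In a real deployment the private values come from a cryptographically secure random generator and the prime is large enough that recovering a private value from a public one is infeasible.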

Till another day, happy calculations...

Tuesday, August 26, 2014

It's NOT getting better!!




We have all heard of the CryptoLocker ransomware, one of the nastiest pieces of malware around. In case you haven't heard, what it does is encrypt all your data on the infected PC; the unique encryption key is then sent to the attacker, who basically tells you to pay a ransom, mostly in bitcoins (a kind of digital currency), to give you the software to decrypt your ransomed data. Luckily for us, it has recently been reversed and there is a tool to retrieve (decrypt) your data. You can check it out at "Your Locker of Information for CryptoLocker Decryption | FireEye Blog".

BUT the threat is not over: there is another malware of the same type called "Critroni". It works mostly like the older CryptoLocker, but it uses the Tor network to anonymize its sessions, which makes it harder to track the command and control server (where it receives its instructions), and it sets a deadline of 72 hours to pay the ransom or the victim starts losing important files.

So watch out for spam emails and suspicious links, especially on Facebook. Check the address under the link, picture or video before clicking; if it is unfamiliar or strangely named, better not to take chances and leave the link be.

Till next post, have a nice day...