Author

Martin Hell

Browsing

The problems with repeated keystream in stream ciphers Repeated keystream can sometimes be devastating when using stream ciphers. The Capture the Flag event co-organized by Debricked at Lund University included examples of this problem. Stream ciphers try to mimic the One Time Pad (OTP), but without the inherent drawbacks of a cipher that requires a key the size of the plaintext. Instead, the stream cipher expands a short key (80-256 bits) to a long sequence through the use of a keystream generator. The keystream generator outputs keystream bits (or words) based on the value of an internal state, a key and an initialization vector (IV). The exact definition of this function varies between stream ciphers and often the key and IV is only used to initialize the internal state. The output then only depends on the current internal state. The goal of an attack could be to either compute the…

CTF-Event with Lund University Debricked, in cooperation with the Department of Electrical and Information Technology, Lund University, hosted a Capture the Flag (CTF) competition for students at the university. The event attracted more than 50 students from 8 different programs, forming in total 17 teams. The evening consisted of food, beverages, snacks, but most importantly cybersecurity related challenges for the students to dive into and solve. The challenges were tailored to be suitable for both beginners and for more experienced people and all teams managed to solve at least some problems. The CTF was given in jeopardy style, where the groups could choose from a collection of different challenges. The challenges covered well known CTF topics, including cryptography, reverse engineering, pwning, web security and a miscellaneous category. The latter had challenges such as lockpicking, password attacks and hardware security. After a short presentation and walkthrough of rules and hints, the…