cryptopals
paddingoracle
cryptopals | paddingoracle | |
---|---|---|
1 | 2 | |
25 | 5 | |
- | - | |
6.1 | 10.0 | |
5 months ago | almost 7 years ago | |
Java | Ruby | |
GNU Lesser General Public License v3.0 only | MIT License |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
cryptopals
-
The Matasano Crypto Challenges (2014)
More fun for those who completed all 8 sets: https://github.com/ilchen/cryptopals/blob/master/src/docs/ne...
paddingoracle
-
The Matasano Crypto Challenges (2014)
The padding oracle challenge has just been the gift that keeps on giving. I wrote a Ruby Gem for exploiting this:
https://github.com/technion/paddingoracle
I've since used it in the wild several times. It is shocking how prevalent the issue is, I suspect because everybody "used a a trusted AES library" and therefore believes they've complied with general crypto recommendations.
Before /r/javascript went private recently I could reply to a post about nearly any project that claimed to use crypto and explain this vulnerability.
- Crate for AES256 - which one to choose? Questions about block cipher modes and AEAD too.
What are some alternatives?
rust-crypto - A (mostly) pure-Rust implementation of various cryptographic algorithms.
block-ciphers - Collection of block cipher algorithms written in pure Rust
utils - Utility crates used in RustCrypto
RustCrypto - Authenticated Encryption with Associated Data Algorithms: high-level encryption ciphers
ring - Safe, fast, small crypto using Rust
consul-template - Template rendering, notifier, and supervisor for @HashiCorp Consul and Vault data.
RCIG_Coordination_Repo - A Coordination repo for all things Rust Cryptography oriented
rustls - A modern TLS library in Rust