Learning a few Crypto pitfalls practically-Part 2

Talks Oct 15, 2017

NULL Hyderabad held its September month's security meetup at CA Technologies, Hyderabad. I had the opportunity to present in this meet and I chose to continue with April month's topic - practical crypto pitfalls.

As always, for me presentation means demos first and slides last. This time I have spent exactly a week on the demos and as usual didn't prepare slides till the last hour :)

Topic: Regarding the topic, I have presented on Padding Oracle attacks. This is one topic I really struggled to grasp the low-level details. I thought presenting this topic in NULL meet is an opportunity for me to study this properly. So I have spent a week trying to understand the math behind it as well as coming up with a demo.

Slides: Below are the slides. They only contain screenshots of my hand-written notes and screenshots of Crypto Explorer utility. Thankfully, there are several fantastic blog posts which serve as great reference materials. No point re-creating slides or writing in length about the topic. Check the references slide in the ppt for the pointers. I have also listed them at the end of this article.

*Note: Understanding the basics of crypto is a pre-requisite to understand padding oracle attack. I strongly recommend you to go through the slides of [April month's talk](http://blog.novogeek.com/2017/04/22/learning-a-few-crypto-pitfalls-practically-null-hyd/), in case you want a refresher.*

Demo Source Code:
There are two parts to the demo:

  1. A web application, built in ASP.NET, which is vulnerable to Padding Oracle attack. Check my PaddingOracleWebApp github repo for the source.
  2. A client which launches the attack on the vulnerable web app. Check my Crypto Explorer utility for this. I have added "Padding oracle" tab.

Demo Video:
Here is a quick video recording of the padding oracle attack: