The Big Bug in the News: the WPA2 flaw

The big news this week is a protocol flaw in the Wireless Protected Access protocol, version 2 (WPA2). The Ars Technica article covers the details pretty well. This is what every Wi-Fi wireless router on the planet uses these days. The problem does not directly damage your system, but it can uncover data you had intended... Continue Reading →

Stream Cipher Reuse: A Graphic Example

Take a look at the following image. You should see two different 'messages' here. This particular mish-mash of messages reflects the failure of otherwise strong cryptography: the improper implementation of a one-time pad or a stream cipher. This same mistake let American cryptanalysts decode thousands of Soviet spy messages in the 1940s and -50s. The... Continue Reading →

Encrypting with XOR: A Graphic Example

The exclusive or operation - a logical function applied to binary bits, like AND, OR, and NOT - is a fundamental encryption technique. It is often used in stream ciphers, which are widely used in web browsers when connecting to secure web servers. When used properly, this technique provides strong protection. In fact, it is... Continue Reading →

Stream ciphers

Whenever your browser establishes a “secure” connection to a web site, it encrypts the data. The encryption often takes place byte-by-byte, since the software can't always predict how much data will be sent. This encryption style requires a stream cipher. Stream ciphers use a deceptively simple mechanism: you combine the plaintext data, bit by bit, with “key”... Continue Reading →

Create a website or blog at

Up ↑