encryption

86 Articles

EPROM-based Enigma Machine

March 12, 2025 by 5 Comments

The Enigma machine is perhaps one of the most legendary devices to come out of World War II. The Germans used the ingenious cryptographic device to hide their communications from the Allies, who in turn spent an incredible amount of time and energy in finding a way to break it. While the original Enigma was a complicated electromechanical contraption, [DrMattRegan] recently set out to show how its operation can be replicated with an EPROM.

The German Enigma machine was, for the time, an extremely robust way of coding messages. Earlier versions proved somewhat easy to crack, but subsequent machines added more and more complexity rendering them almost impenetrable. The basis of the system was a set of rotors which encrypted each typed letter to a different one based on the settings and then advanced one place in their rotation, ensuring each letter was encrypted differently than the last. Essentially this is a finite-state machine, something perfectly suited for an EPROM. With all of the possible combinations programmed in advance, an initial rotor setting can be inputted, and then each key press is sent through the Enigma emulator which encrypts the letter, virtually advances the rotors, and then moves to the next letter with each clock cycle.

[DrMattRegan]’s video, also linked below, goes into much more historical and technical detail on how these machines worked, as well as some background on the British bombe, an electromechanical device used for decoding encrypted German messages. The first programmable, electronic, digital computer called Colossus was also developed to break encrypted Enigma messages as well, demonstrating yet another technology that came to the forefront during WWII.

Continue reading “EPROM-based Enigma Machine”

Inside Project Delilah

February 4, 2025 by 13 Comments

The invention of the computer is a tricky thing to pinpoint. There were some early attempts that were not well known and some early attempts that were deliberately secret. [Alan Turing]’s efforts with Colossus were top secret for years, and while that work built on earlier efforts in Poland, [Turing] has as much claim to be the father of computers as anyone. But [Jack Copland] points out in a recent post that the famous computer scientist was also involved in another secret project: Delilah.

While [Turing] is best known for his work breaking ciphers at Bletchley Park, he also put time in on a second project about ten miles away in a secret electronics lab at Hanslope Park. There he worked with an assistant, [Donald Bayley] on Delilah — a portable system for encrypting voice transmissions.

Continue reading “Inside Project Delilah”

Hacking An IP Camera To Run Your Own Software

July 17, 2024 by 18 Comments

Ah, generic unbranded IP cameras. Safe, secure? Probably not. [Alex] has been hacking around with one of his very own, and he’s recently busted the thing wide open.

Determining that the camera had a software update function built in, [Alex] saw an opening for hijinks. The first issue was that the camera only accepts encrypted update packages, which complicates things somewhat. However, through some smart reverse engineering, the format of the updates and their encryption method became obvious to [Alex]. Oh, and partly because there was a GitHub repository online featuring the source code used by the manufacturer to encrypt their updates. That definitely helped. It also led [Alex] to suspect the manufacturer may not have properly respected the open source license of some of the routines involved.

In the demo of the exploit, [Alex] has the camera reach out to www.pudim.com.br instead of the servers of the original manufacturer. That’s a pretty clear way to show that the camera has been owned.

We first featured [Alex]’s work in this space all the way back in 2019. It’s come a long way since then!

Continue reading “Hacking An IP Camera To Run Your Own Software”

Falsified Photos: Fooling Adobe’s Cryptographically-Signed Metadata

November 30, 2023 by 34 Comments

Last week, we wrote about the Leica M11-P, the world’s first camera with Adobe’s Content Authenticity Initiative (CAI) credentials baked into every shot. Essentially, each file is signed with Leica’s encryption key such that any changes to the image, whether edits to the photo itself or the metadata, are tracked. The goal is to not only prove ownership, but that photos are real — not tampered with or AI-generated. At least, that’s the main selling point.

Although the CAI has been around since 2019, it’s adoption is far from widespread. Only a handful of programs support it, although this list includes Photoshop, and its unlikely anybody outside the professional photography space was aware of it until recently. This isn’t too surprising, as it really isn’t relevant to the casual shooter — when I take a shot to upload to Instagram, I’m rarely thinking about whether or not I’ll need cryptographic proof that the photo wasn’t edited — usually adding #nofilter to the description is enough. Where the CAI is supposed to shine, however, is in the world of photojournalism. The idea is that a photographer can capture an image that is signed at the time of creation and maintains a tamper-proof log of any edits made. When the final image is sold to a news publisher or viewed by a reader online, they are able to view that data.

At this point, there are two thoughts you might have (or, at least, there are two thoughts I had upon learning about the CAI)

  1. Do I care that a photo is cryptographically signed?
  2. This sounds easy to break.

Well, after some messing around with the CAI tools, I have some answers for you.

  1. No, you don’t.
  2. Yes, it is.

Continue reading “Falsified Photos: Fooling Adobe’s Cryptographically-Signed Metadata”

The UK Online Safety Bill Becomes Law, What Does It Mean?

October 29, 2023 by 64 Comments

We’ve previously reported from the UK about the Online Safety Bill, a piece of internet safety legislation that contains several concerning provisions relating to online privacy and encryption. UK laws enter the statutes by royal assent after being approved by Parliament, so with the signature of the King, it has now become the law of the land as the Online Safety Act 2023. Now that it’s beyond amendment, it’s time to take stock for a minute: what does it mean for internet users, both in the UK and beyond its shores? Continue reading “The UK Online Safety Bill Becomes Law, What Does It Mean?”

The British Government Is Coming For Your Privacy

July 30, 2023 by 77 Comments

The list of bad legislation relating to the topic of encryption and privacy is long and inglorious. Usually, these legislative stinkers only affect those unfortunate enough to live in the country that passed them. Still, one upcoming law from the British government should have us all concerned. The Online Safety Bill started as the usual think-of-the-children stuff, but as the EFF notes, some of its proposed powers have the potential to undermine encryption worldwide.

At issue is the proposal that services with strong encryption incorporate government-sanctioned backdoors to give the spooks free rein to snoop on communications. We imagine that this will be of significant interest to some of the world’s less savoury regimes, a club we can’t honestly say the current UK government doesn’t seem hell-bent on joining. The Bill has had a tumultuous passage through the Lords, the UK upper house, but PM Rishi Sunak’s administration has proved unbending.

If there’s a silver lining to this legislative train wreck, it’s that many of the global tech companies are likely to pull their products from the UK market rather than comply. We understand that UK lawmakers are partial to encrypted online messaging platforms. Thus, there will be poetic justice in their voting once more for a disastrous bill with the unintended consequence of taking away something they rely on.

Header image: DaniKauf, CC BY-SA 3.0.

SUPERCON 2022: Kuba Tyszko Cracks Encrypted Software

February 21, 2023 by 5 Comments

[Kuba Tyszko] like many of us, has been hacking things from a young age. An early attempt at hacking around with grandpa’s tractor might have been swiftly quashed by his father, but likely this was not the last such incident. With a more recent interest in cracking encrypted applications, [Kuba] gives us some insights into some of the tools at your disposal for reading out the encrypted secrets of applications that have something worth hiding.  (Slides here, PDF.)

There may be all sorts of reasons for such applications to have an encrypted portion, and that’s not really the focus. One such application that [Kuba] describes was a pre-trained machine-learning model written in the R scripting language. If you’re not familiar with R, it is commonly used for ‘data science’ type tasks and has a big fan base. It’s worth checking out. Anyway, the application binary took two command line arguments, one was the encrypted blob of the model, and the second was the path to the test data set for model verification.

The first thing [Kuba] suggests is to disable network access, just in case the application wants to ‘dial home.’ We don’t want that. The application was intended for Linux, so the first port of call was to see what libraries it was linked against using the ldd command. This indicated that it was linked against OpenSSL, so that was a likely candidate for encryption support. Next up, running objdump gave some clues as to the various components of the binary. It was determined that it was doing something with 256-bit AES encryption. Now after applying a little experience (or educated guesswork, if you prefer), the likely scenario is that the binary yanks the private key from somewhere within itself reads the encrypted blob file, and passes this over to libssl. Then the plaintext R script is passed off to the R runtime, the model executes against the test data, and results are collated.

[Kuba]’s first attack method was to grab the OpenSSL source code and drop in some strategic printf() function calls into the target functions. Next, using the LD_PRELOAD ‘trick’ the standard system OpenSSL library was substituted with the ‘fake’ version with the trojan printfs. The result of this was the decryption function gleefully sending the plaintext R script direct to the terminal. No need to even locate the private key!

Continue reading “SUPERCON 2022: Kuba Tyszko Cracks Encrypted Software”