Unless you have been under a rock you should have heard about the first public sha-1 collisions. If not, go to the page describing the collision and enjoy.

In this blogpost I’ll try to explain what this actually entails for most practical purposes. Sigue leyendo SHA-1 is publicly collided, now what?

# Archivo de la etiqueta: cryptography

# Cryptanalyzing Petya

A few days ago, leo-stone reverse-engineered the Petya ransomware and found that it was possible to use genetic algorithms to find out the key. He even published a nice decrypting tool in go. I took his globe and decided to prove why this is mostly a specific issue of how Petya reduced Salsa-20 to use only 16 bit words.

In this blogpost I’ll do a cryptanalysis of the Petya encryption algorithm (as published by leo-stone) and reduce the key entropy so that a single known plaintext is enough to break the algorithm. I’ll also explain how to use these results to make a faster and more efficient decrypting tool. And finally I’ll explain why genetic algorithms as used by leo-stone worked.