A collection of my security research
Slides from my Ruxmon Melbourne presentation in August 2015
Can you avoid relying on collision resistance to a hash function?
A birthday attack is a generic attack that applies to hash functions. While it is fairly well understood from a theoretical level, actually engineering a working attack is still quite an interesting problem.
This picture circulating via Twitter may have misled some people
Design for a new Linux /dev/random and /dev/urandom RNG
Multi-target attacks on TOTP (RFC6238) are practical
Random Password Generators should be simple, but can fail in complicated ways
Slides from my Ruxmon Melbourne presentation in March 2013
A small tutorial in how to construct a Packet-in-Packet attack for Cisco HDLC
Slides from my Ruxmon Melbourne presentation in July 2012
TL;DR: Unset the high bit to decrypt
An attack on the RFC2289 OTP scheme