Cryptography *

Hash, salt, SHA-1, SHA-2, std::hash.. To a non-programming person that may come up as some kind of a recipe that just does not seem to add up. In a sense, this is indeed supposed to be a gibberish to any third party and a strong, helpful mechanism for us, programmers. 

At the start of writing this article, I had one clear idea to get across the table: to finally unveil this mystery of hashing in C++ for beginners. I, a beginner myself, also wanted to solidify my knowledge in this area; so let’s get started.

Let’s say you want to send an encrypted message to your friend in order to avoid it being intercepted and read by a third party. You generate a random secret key and encrypt the message with it. Let’s say you use AES. But how do you let your friend know the key to decrypt it?

In this article, we will explore how the Elliptic-Curve Diffie-Hellman algorithm works under the hood. The article includes the implementation of this algorithm from scratch, written in Python.

The following text consists of two logically connected parts. The first part constructively rules out the assumption that untraceability supposes anonymity. The second part enumerates specific practical tasks in the form of various scenarios when digital signatures (DS) do not provide correct solutions to the task. It is demonstrated that a complete solution can be obtained through a special combination of DS and an interactive anonymous identification protocol.

This is the complete crash course on the Elliptic Curves Cryptography used in Bitcoin and other blockchains. With code samples and a live demo from scratch.

Once the Teacher asked the Author:

Are there methods of redundancy introducing at an informational level, other than those that are studied by the theory of error-correcting codes? Emphasizing that he is talking about information redundancy, the Teacher thus made it clear that the question does not imply various ways of energy redundancy introducing, which are well studied in communication theory. After all, the noise immunity of information transmission is traditionally assessed by means of a threshold value that is calculated as the ratio of signal energy to noise energy. It is known that the methods of the theory of error-correcting codes offer an alternative solution, allowing energy saving.

After a cogitative pause, the Author answered in the affirmative, following intuition rather than rational knowledge. Upon hearing the answer, the Teacher noticed that this is a wrong conclusion and there are no such methods.

However, over time, the Author began to suspect that the immutability of the paradigm formulated above could be questioned.

The spread of cryptocurrencies contributed to the development of many solutions based on a distributed ledger technology (blockchain). Although the scope of these solutions varies, most of them have the same basic set of security services, i.e. confidentiality, authenticity, and integrity. These features are granted by the practical applications of public key cryptography, in particular,  digital signature (DS). But unlike many other applications of public key cryptography, cryptocurrency networks do not use public key certificates. This is the aspect that we would like to talk about.

• A short excursion into WeChat;
• About the platform, the version of the application, the utilities used and the decryption of the executable file;
• • About two protocols (old one and new one);
• About serialization of objects;
• Used cryptography and key exchange;
• About headers and hash-functions;
• About the exposures found.

Hi there! A while ago, Positive Technologies published the news that ATMs manufactured by Diebold Nixdorf (previously known as Wincor), or more specifically, the RM3 and CMDv5 cash dispensers, contained a vulnerability which allowed attackers to withdraw cash and upload modified (vulnerable) firmware. And since my former colleague Alexei Stennikov and I were directly involved in finding this vulnerability, I would like to share some details.

ENCRY presents a new interactive identification protocol aimed at controlling the access of selected users to various resources.

Close your eyes and imagine Nice, a luxurious estate whose extravagant owner throws epic parties with jazz and fireworks every weekend.

To attend such a party is a lot of the elite. Invitations are sent out in advance, and guests do not know the names of other invited persons. The owner of the estate, the mysterious Jay Gatsby, an eager luxury-lover, values ​​privacy so much that he is not ready to entrust the list of invitees to anyone, not even his buttress. Moreover, the owner of the estate would like the guests not to reveal their names when entering the property. After all, there may be the mayor of the city, or the chief prosecutor among them, and they would like to keep their visit secret. Unfortunately, the owner of the estate himself is so busy that he cannot independently check each guest at the entrance, especially since there are several access roads to his house. How could he solve this problem?

Blockchain is a decentralized technology that maintains a record of all transactions occurring over a peer-to-peer network. Due to Blockchain's several different high-level use cases, numerous industries described Blockchain as the 'magic beans.' 

Blockchains store the record in a decentralized system that is interconnected. This technology lessens vulnerability and enhances transparency in all industrial sectors as information is stored digitally, and it does not have any centralized point to carry out the transactions.

Do You Know?

What is this article about?

In this article, I will tell about my participation in the first (out of two so far) Telegram blockchain contest. I didn't win any prize. However, decided to combine and share the unique experience I have had from the start to finish line, so my observations could help anyone who is interested.

Since I didn't want to write some abstract code, instead make something useful. I created instant lottery smart-contract and website which shows smart-contract data directly from Telegram Open Network (TON) avoiding any middle storage layers.

The article will be particularly useful for those, who want to write their first smart-contract for TON but don't know where to start.

Using the lottery as an example, I will go from setting up the environment to publishing a smart contract, interacting with it. Moreover, I will create a website that will show smart-contract data.

(Elliptic Curve) Diffie-Hellman (Ephemeral)

Introduction