Upload

Loading icon Loading...

This video is unavailable.

Crypt0 - "Packets Don't Lie; Bob Loves Alice"

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to like Max Quasar's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to dislike Max Quasar's video.

Sign in to YouTube

Sign in with your Google Account (YouTube, Google+, Gmail, Orkut, Picasa, or Chrome) to add Max Quasar's video to your playlist.

Uploaded on Dec 20, 2011

Yo,

My crypto presentation that I teach in my InfoSec classed boiled down to a 4 minute original music video with labs. Even if you don't like the music, if you do the labs and understand what is happening, it should help anyone pass the crypto section of the CEH, CISSP, CISM and Security+ classes I (Larry Greenblatt) teach.

Labs (optional)
Prerequisites: computer with Wireshark, web browser(s) and an internet connection.

Lab1) Sniff the SSL handshake. Start capturing and open a session to an SSL site, e.g. Gmail. After you get the HTTPS in the URL, stop the capture. Filter on SSL and examine the Client Hello (try capture filter "ssl.handshake.type"). How many cipher suites does your browser support? Identify which symmetric, asymmetric and hashing algorithms are used in cipher spec 0x000005.

Lab2) Examine the Server Hello. What cipher spec did the server negotiate? What algorithms make up the cipher spec?

Lab3) Examine the Server's certificate and answer the following questions:

Who signed the certificate?
What hashing and asymmetric algorithms are used in the signature?
Where is the CRL for this certificate?
Does this certificate support OCSP?

Lab 4) Filter on OCSP. How did the client identify the certificate in question? Who signed the response?

EXTRA CREDIT!
Change browsers and repeat the above. How many differences do you see? Did you expect that many?

Lab 5) Cryptanalysis - Download Cryptool. Given the following text, derive the key:
______________________
Ixevz0 "Vgiqkzy Jut'z Rok; Huh Rubk'y Groik"
Cuxjy gtj Sayoi he Rgxxe Mxkkthrgzz
Vxujaikj ot g nuzkr xuus ot Grkdgtjxog BG
Maozgxy (znxkk zxgiqy, cgcg, xuiqghorre gtj joxze uizgbk) vrgekj he Rgxxe.
Xkiuxjkj ut g Fuus X24. Jxas zxgiq lxus X24 haorz ot sginotk.

Rexoiy:

O cgtz zu yngxk g rozzrk ykixkz
Loxyz ck sayz huzn gmxkk
O tkbkx ygoj O cgyt'z ixgfe
Nkxk'y nuc oz ykksy zu sk

Eua cgtz zu qkkv yusk znotmy vxobgzk
O atjkxyzgtj gtj O xkyvkiz
Yuskzosky oz ykksy yu ixgfe
Nkxk'y nuc oz ykksy zu sk

Hghe, eua'xk g yavkx nkxu
O qtuc zngz yuatjy qotjg yzxgtmk
Hghe O znotq znkxk muttg rubk eua
Znotmy gxk tuz grcgey cngz znke ykks

Nuc ju O qtuc oz'y xkgrre eua? Gtj cngz eua yge oy zxak?
O qtuc znkxk'y znotmy O igt'z jkte
Yuskzosky znk cuxrj ykksy yu ixgfe xomnz tuc
Nkxk'y nuc oz ykksy zu sk

Hghe, eua'xk g yavkx nkxu
O qtuc somnz ykks otygtk
Hghe, O znotq znkxk muttg rubk eua
Vkuvrk gxkt'z grcgey cnu znke irgos

  • Category

  • License

    Standard YouTube License

Loading icon Loading...

Loading icon Loading...

Loading icon Loading...

Loading icon Loading...

Ratings have been disabled for this video.
Rating is available when the video has been rented.
This feature is not available right now. Please try again later.

Loading icon Loading...

Loading...
Working...
Sign in to add this to Watch Later

Add to