The past two months: some crypto and some coding

Hisashiburi ne? So here's what I've been doing for the past two months.

Crypto stuff

I've never really been into crypto and attacking crypto, as I considered it to be something for smart people. Recently however, I stumbled upon a challenge that seemed to be vulnerable to a padding oracle attack. Because it looked easy and straightforward enough for someone who knows what a padding oracle attack is, I decided against my tendency to ignore crypto quests and tried to attack the vulnerable application. Needless to say, having only read about padding oracles but never actually attacked one, I couldn't actually solve it. Hence, I started my quest to boost my crypto skills.

I already knew about Boneh's course in Coursera, having followed it partially (until week 3 I think) and remembered the Matasano crypto challenge that was run a few years ago. Since they published their challenges online at Cryptopals, it seemed like a really good place to start.

I'm currently working my way through set 5. So far, it has been a weirdly enjoyable trip with many basic and less basic cryptographic flaws being explored. The code that you develop for solving the problems will definitely help as a template for solving crypto challs during CTFs.

Golang

Without divulging into too much detail, at my work place there was a programming problem that could be very nicely solved with some concurrent code. Having read a bit about the strengths of Go, I became interested into implementing said programming problem with Go. As such, I started my weekend quest going through the Tour of GO and implementing simple Go programs. I watched some Go Youtube talks (some about concurrency, other about paradigms, one about creating a web proxy, ...) and before I knew it, I was actually making quite nice little programs with relative ease.

I guess one of the strengths, besides the well implemented concurrency, is that the language itself is fairly small. But the language functionality implemented allows to quickly create programs none the less. It's like a better C. (Oh, and it's memory safe as well)

I expect to release one of my go projects soon. :)

Search engine

With the demise of Coursera, well at least the old platform, I had to backup all my courses to an offline storage. This gave me some time to look into all the courses I once followed or had planned to follow. One of them was the Mining Massive Data Sets (MMDS for short). Since it discussed many techniques and covered different topics (google pagerank, mapreduce, similar sets, recommendation systems), it looked like solid knowledge that I could use for creating my search engine.

Although the course is offline, you can find the PDF of the book that is used in the course at mmds.org.

Reinstalled my laptop

Since my SSD was slowly dying and I've been in a pinch with my 128GB storage capability ever since I've virtualised parts of my workflow, I decided it was time to upgrade to a bigger and newer SSD. Since I've been pretty happy about my Samsung 830 SSD, it has lasted for over 4 years you know (#wow #amazing #sugoi), I've bought another Samsung SSD (EVO 750). A lot of work was sadly needed to backup all stuff that I don't normally backup and to reinstall the operating system. :(

*****
Written by Adriaan Dens on 12 July 2016