Legacy Crypto Never Dies: Cracking DES nearly 20 years after the EFF DES Cracker

Presented at Still Hacking Anyway (SHA2017), Aug. 7, 2017, 8:15 p.m. (60 minutes)

In 2012 I released a DES cracking service with Moxie Marlinspike for cracking MSCHAPv2 and quickly started seeing it being used for cracking other things besides MSCHAPv2. In this presentation we'll take a look at some of the research we've done into other widely used protocols and services that still rely on DES for security and provide an quick intro into the https://crack.sh API so you too can use this service for your own projects. #NetworkSecurity

Presenters:

  • David Hulton / h1kari as David Hulton
    David Hulton organizes the ToorCon suite of conferences and has spent nearly 20 years doing security research mostly focused on reverse engineering and cracking crypto. He's mostly known for developing the bsd-airtools wireless attack tools in the early 2000's, developing and presenting the first practical attack on GSM A5/1 in 2008, and releasing a DES cracking service and tools to perform a full break of MSCHAPv2 authentication in 2012.

Links:

Similar Presentations: