Defeat 2FA token because of bad randomness - rhme2 Twistword (Misc 400)
Generating random numbers on computers is not easy. And while the intended solution was really hard, the challenge had a problem with the random number generation, which allowed me to solve it.
Clarification from Andres Moreno (riscure) on the challenge:
"The "official" challenge solution involved reading the tiny Mersenne twister (tinyMT) paper, writing some equations, and using a solver. The tinyMT is tricky to initialize. Giving a proper seed is not enough. You need to provide initial state matrices with certain properties (there is a generator for this). The challenge used improperly initialized matrices (zeros) that reduced the PRNG period. During tests, we found that ~12hr were needed to solve the challenge (solver time only), but we did not test the amount of entropy reduction by improper state initialization. Fortunately, the problem was not in the PRNG."
#CTF #Cryptography
Video "Defeat 2FA token because of bad randomness - rhme2 Twistword (Misc 400)" from the LiveOverflow channel