Learn, hack!

Hacking and security documentation: slides, papers, video and audio recordings. All in high-quality, daily updated, avoiding security crap documents. Spreading hacking knowledge, for free, enjoy. Follow on .

Cryptanalysis vs. Reality

Jean-Philippe Aumasson
Black Hat Abu Dhabi 2011
Indexed on
Mar 27, 2013
File name
File size
167.7 KB

It is commonplace to argue that academic cryptanalysis---whose "attacks" literally take billions of years to complete---has no relevance whatsoever to actual security, for real-world failures of crypto are most often due to: Side-channel leakage (padding oracle attacks, etc.) Attacks on the implementation (key extraction through fault attacks, etc.) Complete bypass (after theft of keys à la DigiNotar, etc.) Nevertheless, a number of new cryptanalytic attacks have appeared these last years with various degrees of sophistication and of objectives, from complex key-recovery attacks to efficient-yet-cryptical "distinguishingers". To better understand the risk (or absence thereof), this talk will go through technical subtleties of state-of-the-art cryptanalysis research, which we'll illustrate with concrete field examples. The topics discussed include related-key attacks, cube attacks, the real security of AES, the case of pay-TV encryption, or the risk of using SHA-1, SHA-2, or the future SHA-3. Finally, we will present a recent attempt to bridge theory and practice, with an introduction to leakage-resilient cryptography.

About us

Secdocs is a project aimed to index high-quality IT security and hacking documents. These are fetched from multiple data sources: events, conferences and generally from interwebs.


Serving 8166 documents and 531.0 GB of hacking knowledge, indexed from 2419 authors from 163 security conferences.


To support this site and keep it alive, you can click on the buttons below. Any help is really appreciated! This service is provided for free, but real money is needed to pay bills.

Flattr this Click here to lend your support to: Keep live SecDocs for an year and make a donation at www.pledgie.com !