CanSecWest 2011 is nearly over. It is a very exciting place for hacking stuff. Without doubt it is one of the very few hacking events that everyone concerned with operational IT security should attend. Thanks to Dragos and all the SecWest team. Perfect job, and the party… wow, what a party! Just the kind of pure moment of pleasure that makes working hard on technical stuff during the year worth it.
As usual the technical program is rich and of a very high level, but no comment can replace reading the slides of the different talks. One of the strong points of CanSecWest, in my opinion, is that the attendees are not just passive: they ask questions and are really interested. So sharing and exchanging ideas has been intense and constructive.
After my talk on Dynamic Cryptographic Backdoors, I had very interesting feedback from OpenBSD developers. Regarding the second technique I presented (patching and modifying encryption algorithms in memory to weaken them on the fly), they made a very interesting comment about ciphers like Blowfish and Twofish. Both use key-dependent S-boxes, a sort of polymorphism that makes S-box signatures almost useless: there are no fixed table constants to search for in memory, unlike the AES S-box. Well, that is only partly true. A local entropy measure should still help to locate the areas to patch, as should fixed components that do not depend on the key (the PHT in Twofish, for instance).
It is certainly a challenging problem, so we are going to address the particular case of Blowfish and Twofish. To be continued…
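To make the signature-versus-entropy point concrete, here is an added example in Python. It is not code from the talk, from OpenBSD or from the original post. It derives the fixed AES S-box, builds a constructed memory image that contains it together with a seeded pseudo-random 1 KiB block standing in for a Blowfish S-box derived from an unknown key, and shows that a signature search finds only the AES table while a sliding-window entropy scan flags both as candidate regions. The image layout, the offsets, the filler bytes and the stand-in table are assumptions made for the demonstration.

```python
"""
Added example (not code from the talk or the original post): locating S-box
tables in a memory image by signature versus by local entropy.

A fixed S-box such as the AES one can be found by matching its known bytes.
A key-dependent S-box (Blowfish, Twofish) has no fixed bytes to match, but it
still stands out from code and text as a dense, high-entropy block, so a
sliding-window Shannon entropy scan locates candidate regions to patch.
The image layout, offsets and the stand-in key-dependent table below are
constructed for the demonstration.
"""
import math
import random
from collections import Counter


def rotl8(x: int, n: int) -> int:
    return ((x << n) | (x >> (8 - n))) & 0xFF


def aes_sbox() -> bytes:
    """Derive the AES S-box: inverse in GF(2^8) followed by the affine map.

    p walks the powers of 3 (a generator of GF(2^8)*) and q the powers of
    its inverse, so every (x, 1/x) pair is visited without a division routine.
    """
    sbox = [0] * 256
    p = q = 1
    while True:
        p = (p ^ (p << 1) ^ (0x1B if p & 0x80 else 0)) & 0xFF  # p *= 3
        q ^= (q << 1) & 0xFF                                    # q /= 3
        q ^= (q << 2) & 0xFF
        q ^= (q << 4) & 0xFF
        if q & 0x80:
            q ^= 0x09
        sbox[p] = q ^ rotl8(q, 1) ^ rotl8(q, 2) ^ rotl8(q, 3) ^ rotl8(q, 4) ^ 0x63
        if p == 1:
            break
    sbox[0] = 0x63  # zero has no inverse; only the affine constant remains
    return bytes(sbox)


AES_SBOX = aes_sbox()
AES_SIGNATURE = AES_SBOX[:8]  # 63 7c 77 7b f2 6b 6f c5, the usual scanner pattern
AES_AT, BLOWFISH_AT = 0x400, 0x1000  # assumed table offsets in the constructed image


def find_signature(image: bytes, signature: bytes) -> list:
    """Offsets where a known table prefix occurs. Only works for fixed tables."""
    hits, pos = [], image.find(signature)
    while pos != -1:
        hits.append(pos)
        pos = image.find(signature, pos + 1)
    return hits


def shannon_entropy(buf: bytes) -> float:
    """Bits per byte of the empirical byte distribution of buf."""
    n = len(buf)
    return -sum(c / n * math.log2(c / n) for c in Counter(buf).values())


def entropy_scan(image: bytes, window: int = 256, step: int = 16,
                 threshold: float = 6.5) -> list:
    """(start, end) ranges whose windows exceed the entropy threshold, merged.

    Code and strings sit well below 6.5 bits/byte; S-box tables, fixed or
    key-dependent, sit between 7 and 8 bits. So does encrypted or compressed
    data, so each region is only a candidate, to be confirmed by size,
    alignment and by which code reads it.
    """
    regions = []
    for start in range(0, len(image) - window + 1, step):
        if shannon_entropy(image[start:start + window]) >= threshold:
            end = start + window
            if regions and start <= regions[-1][1]:
                regions[-1] = (regions[-1][0], end)
            else:
                regions.append((start, end))
    return regions


def is_8bit_permutation(table: bytes) -> bool:
    """Structural check for an 8x8 bijective S-box (AES, Twofish's key-dependent
    boxes). Blowfish boxes map 8 bits to 32 and will not pass this test."""
    return len(table) == 256 and len(set(table)) == 256


def key_dependent_table(seed: int = 2011, size: int = 1024) -> bytes:
    """Constructed stand-in for a Blowfish S-box (256 x 32-bit words) from an
    unknown key; a real one comes out of the key schedule but looks just as random."""
    rng = random.Random(seed)
    return bytes(rng.getrandbits(8) for _ in range(size))


def build_sample_image() -> bytes:
    """Constructed 8 KiB memory image: low-entropy filler around the two tables."""
    filler = b"push ebp; mov ebp, esp; sub esp, 0x40; call decrypt_block; "
    image = bytearray((filler * 200)[:0x2000])
    image[AES_AT:AES_AT + len(AES_SBOX)] = AES_SBOX
    image[BLOWFISH_AT:BLOWFISH_AT + 1024] = key_dependent_table()
    return bytes(image)


if __name__ == "__main__":
    img = build_sample_image()
    print("signature hits:", [hex(o) for o in find_signature(img, AES_SIGNATURE)])
    for start, end in entropy_scan(img):
        perms = [hex(o) for o in range(start, end - 255, 16)
                 if is_8bit_permutation(img[o:o + 256])]
        print(f"candidate region {start:#06x}-{end:#06x}; 8x8 permutations at {perms}")
```

The signature search reports only the AES table; the entropy scan reports two regions, one around each table, and the permutation check then singles out the fixed 8x8 box inside the first while the Blowfish-style block passes no structural test at all. That last point is the caveat: high entropy alone also matches keys, ciphertext and compressed data, so it narrows the search for the area to patch but does not finish it.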
From that exchange I draw the conclusion that a “polymorphic” design (key-dependent S-boxes) in cryptographic algorithms provides more security against applied cryptanalysis techniques like the ones I presented. In this respect, besides the fact that Twofish was not significantly weaker than Rijndael (damned academic research!), I am more surprised than ever that NIST did not select Twofish.