Series

How It Breaks in Real Life

5 parts of 7

  1. 44 min read

    AES-the-cipher has never been broken in the field -- its deployments have. KRACK, repeated GCM nonces, and cache timing broke the wrapper, never the block.

  2. 41 min read

    MD5 and SHA-1 were genuinely, mathematically broken -- yet every real breach still needed a second failure: a deployment still trusting the dead hash.

  3. 44 min read

    No one has ever factored a strong, deployed RSA key -- yet ROCA, Bleichenbacher's oracle, DROWN, and FREAK broke real RSA anyway. The break was never the factoring.

  4. 45 min read

    No one has solved the discrete log on a strong curve or a 2048-bit group -- yet PS3, Android wallets, TPMs, CurveBall, and Logjam all fell. Here is exactly how.

  5. 46 min read

    No quantum computer can break RSA in 2026, yet long-lived secrets encrypted today may already be lost. Harvest now, decrypt later is a deployment failure.

Related tags

#cryptography#aes#aes-gcm#nonce-reuse#krack#side-channel-attack#authenticated-encryption#tls#hash-functions#md5#sha-1#collision-attack#sha-2#sha-3#pki#rsa#roca#bleichenbacher#padding-oracle#freak#key-generation#elliptic-curve-cryptography#ecdsa#diffie-hellman#side-channel-attacks#tls-security#post-quantum#applied-cryptography#post-quantum-cryptography#harvest-now-decrypt-later#ml-kem#key-establishment#quantum-computing#mosca-inequality

← All series Start here