Posts

Showing posts with the label Security

A Case Study On End-to-End Encryption Used In WhatsApp

1. Introduction to End-to-End Encryption

WhatsApp's end-to-end encryption is available when you and the people you message use the latest versions of the app. WhatsApp's end-to-end encryption ensures only you and the person you're communicating with can read what is sent, and nobody in between, not even WhatsApp. This is because your messages are secured with a lock, and only the recipient and you have the special key needed to unlock and read them. For added protection, every message you send has its own unique lock and key.

WhatsApp, since its inception six years ago, has quickly grown into a global phenomenon, becoming one of the most popular mobile-based communications applications in the world today. With a user base that eclipsed one billion in February, WhatsApp provides a service that potentially endangers the privacy of over 10% of the entire human population. In order to address these security concern

SQL INJECTION

What is SQL injection?

SQL injection is a technique for gaining unauthorized access to a database. After successful authentication by SQL injection, the attacker tries to damage, dispose of, or otherwise harm the database. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutting down the DBMS), recover the content of a given file present on the DBMS file system and, in some cases, issue commands to the operating system. In SQL injection, we try to use SQL comments or Boolean logic from relational algebra (i.e. OR and AND clauses) to get data from the database.

How to perform basic SQL injection

Make a basic HTML form page without providing front-end validation. Make a folder named test in your localhost directory (var/WWW/html/test), or in htdocs in XAMPP, then add this simple HTML form as index.html <!

UDP Attack in Python

UDP flood attack

A UDP flood attack is a denial-of-service (DoS) attack using the User Datagram Protocol (UDP), a sessionless/connectionless computer networking protocol. Using UDP for denial-of-service attacks is not as straightforward as with the Transmission Control Protocol (TCP). However, a UDP flood attack can be initiated by sending a large number of UDP packets to random ports on a remote host. As a result, the distant host will:

Check for the application listening at that port;
See that no application listens at that port;
Reply with an ICMP Destination Unreachable packet.

Thus, for a large number of UDP packets, the victimized system will be forced into sending many ICMP packets, eventually leading it to be unreachable by other clients. The attacker(s) may also spoof the IP address of the UDP packets, ensuring that the excessive ICMP return packets do not reach them, and anonymizing their network location(s). Most operating systems mit

Columnar Transposition Cipher

Introduction

The columnar transposition cipher is a fairly simple, easy to implement cipher. It is a transposition cipher that follows a simple rule for mixing up the characters in the plaintext to form the ciphertext. Although weak on its own, it can be combined with other ciphers, such as a substitution cipher, the combination of which can be more difficult to break than either cipher on its own. The ADFGVX cipher uses a columnar transposition to greatly improve its security.

Example

The key for the columnar transposition cipher is a keyword, e.g. GERMAN. The row length that is used is the same as the length of the keyword. To encrypt a piece of text, e.g. defend the east wall of the castle, we write it out in a special way in a number of rows (the keyword here is GERMAN):

G E R M A N
d e f e n d
t h e e a s
t w a l l o
f t h e c a
s t l e x x

In the above example, the plaintext has been padded so that it neatly fits in a