Are you looking for the best browser for your Windows device? Check out our latest blog post to learn about the top browsers for 2023! Discover the benefits of compatibility, security, UI, performance, customization, and privacy. Find the right browser for you and enjoy a seamless browsing experience today! https://howtological.com/how-to-choose-the-right-browser-for-your-windows-pc/?feed_id=2061&_unique_id=6610b0a00ad3f

COMP6841 Lecture Week 7

This week we talk about Diffie-Hellman key exchange, even more buffer overflows, assets, fuzzing and even more security protocols.

Diffie-Hellman exchange is basically a method of exchange keys over a public channel, 

The two parties first publicly agree to use a modulus p and a base g

Party A chooses a secret integer a, then sends Party B: A = g^a mod p

Party B chooses a secret integer b, then send Party A: B = g^b mod p

Party A computes s = B^a mod p

Party B computes s = A^b mod p

Alice and Bob now have a key in common which they could now use to communicate between the two parties securely.

Diffie-Hellman is secure because of this problem called the discrete logarithm problem, which means we cannot efficiently calculate modular exponentiation. So a lot of work needs to be done in order to crack Diffie-Hellman.

Then we talked about buffer overflows and how C program call/store functions (building stack frames, pushing registers, popping registers, etc.), I have now blogged about this extensively in both Week 6′s lecture summary and also in 2 of my Something Awesome blog writeups (bof and passcode). So I will not further write up on this.

Then we talked a bit on assets, security is usually made to protect our assets, but sometimes we focus on the wrong assets (such as making a door 100% force-entry proof but thieves could just crack open one of the windows and gain entry into the house without even touching the door). So it’s important that we need to be able to identify assets. Now how do we protect assets? We could use a multiparty review system, using standards and protocols, never think it is 100% secure and constantly reevaluate the assets you have.

We then moved on to this security testing concept called fuzzing, which is essentially an automated testing sequence. A fuzzer (according to Wikipedia) could be categorized into three categories:

A fuzzer can be generation-based depending on whether inputs are generated from scratch or by modifying existing inputs[1]

A fuzzer could be smart or dumb depending on whether it is aware of input instructures[1]

A fuzzer can be white, grey or black box, depending on the fact if it is aware of program structure.[1]

Essentially, fuzzing involves providing invalid, unexpected, or random data as inputs to a computer program in the hopes that it will either crash, expose bugs or reveal vulnerabilities within a system. Most of the production level software that’s in serious circulation uses fuzzing, an example being Google Chrome, it is continuously fuzzed by the Chrome Security Team with 15,000 machine cores.[2]

[1] https://en.wikipedia.org/wiki/Fuzzing#Browser_security

[2] https://browser-security.x41-dsec.de/X41-Browser-Security-White-Paper.pdf

Are you looking for the best browser for your Windows device? Check out our latest blog post to learn about the top browsers for 2023! Discover the benefits of compatibility, security, UI, performance, customization, and privacy. Find the right browser for you and enjoy a seamless browsing experience today! https://howtological.com/how-to-choose-the-right-browser-for-your-windows-pc/?feed_id=1951&_unique_id=65f4ddb2860a8

Are you looking for the best browser for your Windows device? Check out our latest blog post to learn about the top browsers for 2023! Discover the benefits of compatibility, security, UI, performance, customization, and privacy. Find the right browser for you and enjoy a seamless browsing experience today! https://howtological.com/how-to-choose-the-right-browser-for-your-windows-pc/?feed_id=1731&_unique_id=65be738dba01a

Are you looking for the best browser for your Windows device? Check out our latest blog post to learn about the top browsers for 2023! Discover the benefits of compatibility, security, UI, performance, customization, and privacy. Find the right browser for you and enjoy a seamless browsing experience today! https://howtological.com/how-to-choose-the-right-browser-for-your-windows-pc/?feed_id=1621&_unique_id=65a298db4b107

Are you looking for the best browser for your Windows device? Check out our latest blog post to learn about the top browsers for 2023! Discover the benefits of compatibility, security, UI, performance, customization, and privacy. Find the right browser for you and enjoy a seamless browsing experience today! https://howtological.com/how-to-choose-the-right-browser-for-your-windows-pc/?feed_id=1456&_unique_id=6578d36a1ba48

Are you looking for the best browser for your Windows device? Check out our latest blog post to learn about the top browsers for 2023! Discover the benefits of compatibility, security, UI, performance, customization, and privacy. Find the right browser for you and enjoy a seamless browsing experience today! https://howtological.com/how-to-choose-the-right-browser-for-your-windows-pc/?feed_id=1296&_unique_id=6550504ccbe38

Are you looking for the best browser for your Windows device? Check out our latest blog post to learn about the top browsers for 2023! Discover the benefits of compatibility, security, UI, performance, customization, and privacy. Find the right browser for you and enjoy a seamless browsing experience today! https://howtological.com/how-to-choose-the-right-browser-for-your-windows-pc/?feed_id=1141&_unique_id=652911b4b77e9

Are you looking for the best browser for your Windows device? Check out our latest blog post to learn about the top browsers for 2023! Discover the benefits of compatibility, security, UI, performance, customization, and privacy. Find the right browser for you and enjoy a seamless browsing experience today! https://howtological.com/how-to-choose-the-right-browser-for-your-windows-pc/?feed_id=1036&_unique_id=650e7f24b6683

Are you looking for the best browser for your Windows device? Check out our latest blog post to learn about the top browsers for 2023! Discover the benefits of compatibility, security, UI, performance, customization, and privacy. Find the right browser for you and enjoy a seamless browsing experience today! https://howtological.com/how-to-choose-the-right-browser-for-your-windows-pc/?feed_id=801&_unique_id=64d2fdf711bf5

Are you looking for the best browser for your Windows device? Check out our latest blog post to learn about the top browsers for 2023! Discover the benefits of compatibility, security, UI, performance, customization, and privacy. Find the right browser for you and enjoy a seamless browsing experience today! https://howtological.com/how-to-choose-the-right-browser-for-your-windows-pc/?feed_id=45&_unique_id=6430cb96d4ee9