Hacking Cryptography



3 days

Delivery Method




Seats Available



3 days

Delivery Method





DATE: 17-19 April 2023

TIME: 09:00 to 17:00 CEST/GMT+2

Date Day Time Duration
17 Apr Monday 0900-17:00 CEST/GMT+2 8 Hours
18 Apr Tuesday 0900-17:00 CEST/GMT+2 8 Hours
19 Apr Wednesday 0900-17:00 CEST/GMT+2 8 Hours

Virtually all digital communication is secured using cryptography. Our laptops, phones, printers, cars, bank cards and washing machines use cryptography to keep things confidential, to make sure messages aren’t tampered with and to establish secure connections. However, even though modern security heavily relies on it, cryptography is complex and oftentimes fragile. This in-depth training shows how cryptography is misused in practice. Moreover, participants will learn how common cryptography screwups can be exploited. To foster skills, participants will write their own exploits and use them on real world systems provided by us.
Day 1:

Basic Terminology

  • Cryptography
  • Primitives
  • Security Guarantees
  • “Oracles”



  • Basics of Python
  • Using Python on Raw Bits and Bytes
  • Using Python for Bignum Computation
  • **Challenge Lab: Python**


Attacks on Symmetric Crypto

Stream Ciphers

  • Introduction to Stream Ciphers
  • The One Time Pad and XOR Ciphers
  • Salsa20/Chacha, RC4
  • Exploiting Output Bias
  • Leveraging Partialy Known Plaintext
  • Nonce Reuse Attacks
  • (Compression) Side Channels
  • **Challenge Lab: Hacking Stream Ciphers**


Block Ciphers

  • Introduction to Block Ciphers
  • AES, DES, 3DES
  • Modes of Operation (ECB, CBC, CTR, XTS)
  • Block Shuffling Attacks
  • Nonce Reuse Attacks
  • Bit-Flipping Attacks
  • Padding Oracles
  • **Challenge Lab: Hacking Block Ciphers**


Hash Functions

  • Introduction to Hash Functions
  • Collision Attacks (SHA1/MD5)
  • Length Extension Attacks
  • Rainbow Table Attacks
  • **Challenge Lab: Hacking Hash Functions**



Day 2:

Attacks on Message Authentication Codes

  • Introduction to Message Authentication Codes
  • Attacks on Primitive Constructs
  • Forgery Attacks
  • Authenticated Encryption
  • GCM Forbidden Attack
  • **Challenge Lab: Hacking MACs**


Entropy Attacks

  • Introduction to the Linux Entropy Pool
  • Misuse of Pseudo Random Number Generators
  • Predicting Linear Congruential Generators
  • Predicting Mersenne Twister
  • Predicting Linear Feedback Shift Registers
  • The Dual EC DRBG Backdoor
  • **Challenge Lab: Hacking Randomness**


Attacks on Asymmetric Crypto / RSA

  • Introduction to RSA
  • RSA Key Formats
  • Attacks on Textbook RSA
  • Attacks on Short Keys
  • Forging RSA Signatures
  • RSA PKCS#1.5 Signatures
    * Padding/Bleichenbacher Attacks on RSA
  • **Challenge Lab: Hacking RSA**


Day 3:

Attacks on Asymmetric Crypto / ECC

  • Introduction to Elliptic Curve Cryptography
  • The Java ECC Screwup
  • Exploiting ecDSA Nonce Reuse
  • Exploiting ed25519 Bad Public Keys
  • Invalid Point Attacks
  • **Challenge Lab: Hacking ECC**



  • Introduction to Certificates
  • x509 structure
  • Common certificate pitfalls
  • **Challenge Lab: Working with Certificates**


Further Attacks

  • JWT Implementation Bugs
  • TLS Weaknesses
  • **Challenge Lab: Exploiting JWT**



  • Sneak Peak at Post Quantum Crypto


  • **Presentation of Take Home Challenges**
  • Recap – Cryptography

Why You Should Take This Course

This class does not require prior knowledge in cryptography. However, the material is compressed and we move fast. Participants should be familiar with at least one scripting language (e.g. Python) and have a working understanding of computer networks.

Who Should Attend

Penetration testers, sysadmins and developers that wish to get a better understanding of how cryptography works and often times fails.

Key Learning Objectives

  • Get to know how state-of-the-art cryptography operates. Learn what kind of guarantees are given by certain primitives, and which aren't.

  • Learn how cryptography is often misused in practice and how this misuse can be exploited.

  • Write exploits for systems using cryptography in an inappropriate way.

  • Evaluate program code that uses cryptography for proper usage.

  • Identify cryptographic schemes used in real-world systems.
  • Prerequisite Knowledge

    This is a beginner to intermediate course. The contents are compressed, but no prior knowledge of cryptography is needed. Every subject is introduced before attacks are presented.
    Students should be familiar with at least one scripting language (e.g. Python) and have a basic understanding of computer networks.

    Hardware / Software Requirements

    Participants should bring a laptop with administrator/root access to install software.

    Your Instructor

    • 10 years in offensive security research
    • Bug hunter for crypto code
    • Lead trainer at Neodyme
    • Auditor of crypto code for multiple large industry projects
    • PhD candidate for applied cryptography at the Max Planck Institute
    • Multi-time HITB ProCTF, Google CTF and DEFCON CTF finalist
    • Founder and Chair of the RedRocket Hacking Club
    • 5 years in vulnerability research
    • Tinkerer and Hardware Hacker
    • Profound interest in real-world attacks on cryptography
    • Multi-time DEFCON CTF finalist (team Sauercloud)
    • Trainer at Neodyme.io