Search results “Cryptographically secure random function/generator php file”
High Capacity PHP Random String Generator Function Programming Tutorial
Lesson Code: http://www.developphp.com/video/PHP/Random-String-Generator-PHP-Function-Programming-Tutorial Learn to program a high capacity PHP random string generator with dynamic length parameter. We demonstrate how to then make your script modular in order for it to be reusable, external and dynamic. Splitting (str_split) any string gives you an array from that string, then you can pluck out elements of that array (array_rand) within a for loop in order to return a randomly generated string of characters of any length.
Views: 11727 Adam Khoury
Random bytes and  random int functions
Two new functions have been added to generate cryptographically secure integers and strings in a cross platform way: random_bytes() and random_int().
Views: 824 Avelx
JMS240: Secure User Authenticaion and Cryptographically Secure Tokens in PHP
A common problem in PHP is creating cryptographically secure tokens for user authentication. Think "remember me" and password reset features. Functions like rand(), mt_rand() and uniqid() simply aren't enough. And, without "resource-improbable" tokens... it's only a matter of time for a hacker to break your authentication and get int your application. Fortunately, PHP 5.6 and 7 have added the necessary functions for us to creating cryptographically secure tokens, prevent timing attacks and mitigate data hacks. That latest in all this in this episode. Show notes and sources: https://www.johnmorrisshow.com/240 #php #webdev
Views: 988 John Morris
Password Hashing, Salts, Peppers | Explained!
---------------------------------------------------------------------------------------------- Check out my site: http://www.seytonic.com Follow me on twitter: https://twitter.com/seytonic
Views: 44957 Seytonic
Black Hat USA 2012 - PRNG Pwning Random Number Generators (In PHP Applications)
By: George Argyros & Aggelos Kiayias We present a number of novel, practical, techniques for exploiting randomness vulnerabilities in PHP applications. We focus on the predictability of password reset tokens and demonstrate how an attacker can take over user accounts in a web application via predicting the PHP core randomness generators. Our suite of new techniques and tools go far beyond previously known attacks (e.g. Kamkar and Esser) and can be used to mount attacks against all PRNG of the PHP core system even when it is hardened with the Suhosin extension. Using them we demonstrate how to create practical attacks for a number of very popular PHP applications (including Mediawiki, Gallery, osCommerce and Joomla) that result in the complete take over of arbitrary user accounts. While our techniques are designed for the PHP language, the principles behind ]them are independent of PHP and readily apply to any system that utilizes weak randomness generators or low entropy sources. We will also release tools that assist in the exploitation of randomness vulnerabilities and exploits for some vulnerable applications.
Views: 1045 Black Hat
PHP Basics: Practical projects: Random quote generator (34/35)
Want more? Explore the library at https://www.codecourse.com/lessons Official site https://www.codecourse.com Twitter https://twitter.com/teamcodecourse
Views: 4392 Codecourse
How to Hash a Password Using PHP and MySQL - Create a Login Pt 2
In this video I will discuss and illustrate password storage using PHP and MySQL. I will hash using SHA-512 and discuss some security issues. In the next video, I will discuss salting a password.
Views: 5973 Ken Swartwout
How TOTP  (Time-based One-time Password Algorithm) Works for 2 Factor Authentication
Amazon Affiliate Store https://www.amazon.com/shop/lawrencesystemspcpickup Things we love including computers, software, services, gadgets, and of course hot sauces. https://www.lawrencesystems.com/things-we-love/ How TOTP (Time-based One-time Password Algorithm) Works for 2 Factor Authentication Here is the TOTP Bash Script I used in the video https://github.com/jakwings/bash-totp
How to Salt & Hash a Password Using PHP and MySQL - Create a Login Pt 3
In this video I will discuss and illustrate password storage with salting and hashing using PHP and MySQL. I will use a simple salt and hash with SHA-512 and discuss some security issues. In production, you should strongly consider unique or random salt of your passwords. In the next video, I will discuss the login process.
Views: 11482 Ken Swartwout
Secure PHP Password Hashing: Hashing Passwords
Want more? Explore the library at https://www.codecourse.com/lessons Official site https://www.codecourse.com Twitter https://twitter.com/teamcodecourse
Views: 27568 Codecourse
Secure PHP Password Hashing: Verifying Passwords
Want more? Explore the library at https://www.codecourse.com/lessons Official site https://www.codecourse.com Twitter https://twitter.com/teamcodecourse
Views: 26979 Codecourse
PHP SHA1 Salt Encryption Tutorial
PHP SHA1 Salt Encryption Tutorial *** https://www.facebook.com/pradyumn.shrivastava
Views: 13590 SourcewareInfo
RSA Key Generation, Signatures and Encryption using OpenSSL
Demonstration of using OpenSSL to create RSA public/private key pair, sign and encrypt messages using those keys and then decrypt and verify the received messages. Commands used: openssl. Created by Steven Gordon on 7 March 2012 at Sirindhorn International Institute of Technology, Thammasat University, Thailand.
Views: 57346 Steven Gordon
Prng Implementation - Applied Cryptography
This video is part of an online course, Applied Cryptography. Check out the course here: https://www.udacity.com/course/cs387.
Views: 2730 Udacity
create or signup user and insert salt sha256 hash password in mysql
In this Tutorial we made PHP signup form and link this signup form with our dummy website template this signup form will html5 confirm password validation and signup data will insert into mysql database table and password hash encrypted with sha256.plus this tutorial has following things -create table and table colmuns -make auto increment column and primary key column -difference between varchar and int for sample snippet code : http://hzonesp.com/php/create-signup-user-insert-salt-sha256-hash-password-mysql/
Views: 9009 H2 ZONE
Generate Random Values - SQL in Sixty Seconds #042
Though it looks simple it is very difficult to generate random numbers which one can't guess. In this sixty second video we will see a neat trick where we will generate Random value between specified two numbers. Read more here: http://bit.ly/12oAiIj
Views: 10421 Pinal Dave
Generating random numbers in Oracle
For more tutorial please visit #techquerypond https://techquerypond.com https://techquerypond.wordpress.com https://twitter.com/techquerypond
Views: 506 Tech Query Pond
How Secure is Your Password? And 21 Other DONGs
Want more DONGs? Watch them all here: http://www.youtube.com/playlist?list=PLEC0A5E71DE1EDFCE&feature=view_all List of all DONGs ever covered: https://docs.google.com/document/d/1UDrmnu6hVlLkx3jGdOXje_dmMeOQO3uEHDHwgY5sxyE/edit?pli=1 Flip a Coin: http://www.justflipacoin.com Am I Awesome? http://amiawesome.com/ WIKI GAME: http://thewikigame.com/ Wasn't in the episode, but this is hilariously useless: http://youfellasleepwatchingadvd.com/ constellations in the future (and past!): http://www.astro.ubc.ca/~scharein/applets/Sim/pmot/ProperMotion.html Shaking internet: http://thedisagreeinginternet.com/ Pyro: http://armorgames.com/play/3174/pyro "IMPOSSIBLE QUIZ:" http://www.notdoppler.com/theimpossiblequiz.php Giant Image Viewer: http://iipimage.sourceforge.net/demo/ OBEY GAME: http://www.kongregate.com/games/ArmorGames/obey-the-game?acomplete=obey Motherload: http://www.miniclip.com/games/motherload/en/ Stealing the Diamond: http://www.maxgames.com/play/stealing-the-diamond.html http://thebest404pageever.com/ THIS IS SAND: http://thisissand.com/ Amy Poehler's SMART GIRLS AT THE PARTY: http://www.youtube.com/watch?v=fbUtfyzuwjc Password tester: http://howsecureismypassword.net/ 24/7 Internet HUGS: http://thenicestplaceontheinter.net/ Plot Generator: http://www.archetypewriting.com/muse/generators/plot.htm Last Square Standing: http://www.kongregate.com/games/Abigayl/last-square-standing Pointing at your pointer: http://www.pointerpointer.com/ Are we still ok? http://hasthelargehadroncolliderdestroyedtheworldyet.com/ Warp Field: http://www.kevs3d.co.uk/dev/warpfield/ Music by Jake Chudnow: http://soundcloud.com/jakechudnow http://www.youtube.com/jakechudnow
Views: 6368656 Vsauce
Simple homemade encryption algorithm
(Source code on request. UPDATE: See below) Made an encryption scheme that creates a square (padding random bytes if necessary) and shifts a square based on the password. Given the same password, it will perform the same shifts. Decryption uses the same algorithm but performs the actions backwards. Another version (shown second, starting at 0:53) also does character substitution. This basically adds up the values of each character of the password and each character of the data, modulus the length of the character set of course. After that it still performs shifting. It's not going to be used for anything at all ("rolling your own" is always an extremely bad idea in cryptography, I know that very well), I just enjoyed creating it. Just shifting the square around seems to give a pretty random outcome, and with character substitution you really can't tell what the original was. The algorithm also includes an extremely simple key derivation function which obfuscates the key input for a more random looking output (though the key needs not be fixed-length). It only accepts ASCII input, no accents or euro symbols or anything outside 32-127. It's not meant to be really used anyway. Again, source available on request. Note that I can't comment because then I'd need to make a Google+ profile, but I will read comments (typically within 24 hours, assuming I get an email notification) and simply edit the description to include a link. SOURCE CODE Update June 2018: Wow, I had no idea there were comments on this video at all. Everyone has been asking for years! Sorry! http://lucb1e.com/rp/php/horrible-encryption-square.php I have to warn you, it's not super easy to use. You need to have PHP installed on the command line (Ubuntu/Debian/Mint: apt install php-cli) and run it as shown in the video. To change whether it does substitution, see the third line of the file.
Views: 3888 lucb1e
PHP Tutorial: Password Encryption with MD5, SHA1, and Crypt -HD-
In this tutorial, you will learn how to encrypt passwords and other data by using the md5, sha1, and crypt functions. Be sure to SUBSCRIBE because there will be a new tutorial every week. Follow me on Twitter @RiverCityGraphx Like us on on facebook: http://on.fb.me/i8UQpt Suggest tutorials at http://www.rivercitygraphix.com For project files, help forums, and more check out the website at http://www.rivercitygraphix.com For business related inquires contact us at [email protected]
Views: 38759 RiverCityGraphix
How to encrypt password using password_hash function in php
New password encryption technique in php using password_hash function.
Views: 362 Arindam Roy
Asymmetric Encryption and Signing with Public Private Keys
Bob and Alice will only get you so far. Article at https://coolaj86.com/articles/asymmetric-public--private-key-encryption-in-node-js/ Without getting deep into math, I paint a picture of specifically how RSA encryption works, it's connection with AES, and how HTTPS and GPG use both. I also show examples using the OpenSSL commandline tools and ursa in node.js. It's still pretty high-level, but with sprinkled with some practical details and understanding you may not have had before. Examples with OpenSSL Node.js
Views: 5443 AJ ONeal
Secure PHP Password Hashing: Securing Existing User Passwords
Want more? Explore the library at https://www.codecourse.com/lessons Official site https://www.codecourse.com Twitter https://twitter.com/teamcodecourse
Views: 12600 Codecourse
Salted Password Scheme - Applied Cryptography
This video is part of an online course, Applied Cryptography. Check out the course here: https://www.udacity.com/course/cs387.
Views: 11934 Udacity
DEF CON 22 - Dan Kaminsky - Secure Random by Default
Secure Random By Default Dan Kaminsky Chief Scientist, White Ops As a general rule in security, we have learned that the best way to achieve security is to enable it by default. However, across operating systems and languages, random number generation is always exposed via two separate and most assuredly unequal APIs -- insecure and default, and secure but obscure. Why not fix this? Why not make JavaScript and PHP and Java and Python and even libc rand() return strong entropy? What are the issues stopping us? Should we just shell back to /dev/urandom, or is there merit to userspace entropy gathering? How does fork() and virtualization impact the question? What of performance, and memory consumption, and headless machines? Turns out the above questions are not actually rhetorical. Just because a change might be a good idea doesn't mean it's a simple one. This will be a deep dive, but one that I believe will actually yield a fix for the repeated *real world* failures of random number generation systems. Dan Kaminsky has been a noted security researcher for over a decade, and has spent his career advising Fortune 500 companies such as Cisco, Avaya, and Microsoft.Dan spent three years working with Microsoft on their Vista, Server 2008, and Windows 7 releases. Dan is best known for his work finding a critical flaw in the Internet’s Domain Name System (DNS), and for leading what became the largest synchronized fix to the Internet’s infrastructure of all time. Of the seven Recovery Key Shareholders who possess the ability to restore the DNS root keys, Dan is the American representative. Dan is presently developing systems to reduce the cost and complexity of securing critical infrastructure.
Views: 24049 DEFCONConference
Importance Of Developers Salting User Passwords
Racker Bret McGowen discusses the importance of developers salting their user's passwords to help increase security for their app.
Views: 32035 Rackspace
Random numbers and bytes with PHP7
Want more? Explore the library at https://www.codecourse.com/lessons Official site https://www.codecourse.com Twitter https://twitter.com/teamcodecourse
Views: 5986 Codecourse
PHP Tutorial: Secure Password Hashing using  crypt()
In this video lesson you will learn how to securely salt and hash user passwords for safe storage in your database. We will be going over how to use the PHP crypt() function and Blowfish algorithm as well as how to test user log in against the encrypted password. Lesson code available here: http://www.worldofwebcraft.com/blog.php?id=241 For more information on creating even stronger encryption for storing passwords using CRYPT_BLOWFISH check out this link: http://www.gotcode.org/blog.php?id=243
Views: 22074 Isaac Price
Password generator program in c
In these program if you can give length to program it should generate a password for you but length should be greater than 5
Views: 26 CODE RUSH
Fun with RNG - don't trust pseudo-random number generators
They're simply not random.
Views: 243 Zaxik
AskDeveloper Podcast - 46 - Cryptography - Part 1 - Introduction and Hashing - التشفير الجزء الأول
http://www.askdeveloper.com/2017/01/cryptography.html Information Security 1. Introduction ○ Security by obscurity § Steganography □ Hiding data inside another form of data, like using non-used bits in image to hide a message § Cool, but not practical. § Disadvantages ◊ Algorithm secrecy vs. key secrecy ○ Cryptography is everywhere and yet if done right, you can barely see it. ○ Goals: § Confidentiality □ Secrets stay secret. § Integrity □ Data is not tampered with. § Non-Repudiation □ No party can deny sending messages. § Authentication □ Each party can ensure that the sender is what they expect. ○ Cryptography § Hashing § Encryption § Signing § Protocols ○ Random Number Generators § Extremely important, almost all encryption/hashing strength is affected by how random the random number generator is. § Don't use simple random number, use a cryptographic random number generator with a sophisticated source of entropy. § Pseudorandom number generator § Dual_EC_DRBG random generator backdoor 2. Body ○ Hashing (one Way) § Properties □ Fixed length output no matter what size the input was □ Very easy to compute the hash of a given message, however very hard to compute from a hash the corresponding input. □ Mathematically infeasible to generate a message that has a given hash □ Any modification to a message produces a completely different hash that has no relationship to the original message's hash. □ It is mathematically infeasible to find two messages with the same hash. Hash Collision § Hashing Functions □ Provides data integrity, however lacks authentication □ Examples ® MD5 ◊ Considered Insecure ® Secure Hash Family SHA-X, Sha-1, Sha-2 [Sha256, Sha512], Sha-3 ◊ Sha-1 is considered insecure. ◊ Sha-1, Sha-2 designed by NSA ◊ Sha-3 is not designed by NSA, Competition winner. □ Attacks ® Brute force ◊ CPU's are getting faster and cheaper every day. ◊ GPU's are getting faster and cheaper every day. ◊ Special Hash calculating hardware is becoming more available especially with the BitCoin push. ® Rainbow table attacks ◊ Pre-Calculated tables where you can reverse lookup a hash to a value ◊ Try www.crackstation.net § Hash Message Authentication Codes (HMAC) □ Adds authentication to integrity □ Can be used with all previous algorithms, HMACMD5, HMACShA1, HMAC256 … etc. § Salted Hash □ Adds random salt to mitigate rainbow table □ Salts are unique per record, and not a secret. § Password Based Key Derivation Function (PBKDF2) □ RSA Public Key Cryptographic Standard PKCS #5 Version 2.0 □ Internet Engineering Task Force RFC 2898 Specification ® Adds a lot of iterations to slow it just enough to mitigate brute force (default 50,000 iterations) ® Adds random salt to mitigate rainbow table □ Disadvantage: It can be easily implemented with hardware which makes it vulnerable to bruteforce even with high number of iterations § Bcrypt □ Password Hashing function □ State of the art password hashing § Usages □ Integrity Check Password Storage Our facebook Page http://facebook.com/askdeveloper On Sound Cloud http://soundcloud.com/askdeveloper Please Like & Subscribe
Views: 1976 Mohamed Elsherif
PHP : Generate Hash of String Using md5 function in php (In Hindi)
PHP By Pankaj Panjwani. Visit : http://www.yctacademy.blogspot.com.
Views: 317 Pankaj Panjwani
Random Number Generator
Creating a random number generator using pure JavaScript. This tutorial doesn't cover the basics of JavaScript - its just me messing about. But I hope you can learn something from this video. Here is a link to the MDN - this website provides great documentation on JS - https://developer.mozilla.org/en-US/docs/Web/JavaScript P.S apologies for the furious typing
Views: 75 Kristian Woods
C# Salting & Hashing Passwords
Quick demo using .NET and coding a Salt and Hashed password functionality in C#.
Views: 28501 Chris Duran
Basic PHP Programming Tutorial 22: Hashing part 2: salting
Link to the full playlist: http://www.youtube.com/playlist?list=PLQVvvaa0QuDcYpcjrNB43_iKqla5UeQw_ Sentdex.com Facebook.com/sentdex Twitter.com/sentdex How to further protect hashed data
Views: 451 sentdex
How do we know our PRNGs work properly? (33c3)
https://media.ccc.de/v/33c3-8099-how_do_we_know_our_prngs_work_properly Pseudo-random number generators (PRNGs) are critical pieces of security infrastructure. Yet, PRNGs are surprisingly difficult to design, implement, and debug. The PRNG vulnerability that we recently found in GnuPG/Libgcrypt (CVE-2016-6313) survived 18 years of service and several expert audits. In this presentation, we not only describe the details of the flaw but, based on our research, explain why the current state of PRNG implementation and quality assurance downright provokes incidents. We also present a PRNG analysis method that we developed and give specific recommendations to implementors of software producing or consuming pseudo-random numbers to ensure correctness. Vladimir Klebanov Felix Dörre
Views: 968 media.ccc.de
The Quick and Easy Guide to Secure Passwords
This video teaches how to choose a secure but easy to remember password and which types of passwords to avoid. I recommend using a password manager so you don't even have to worry about remembering them. Have a nice World Password Day! The Best Password Managers, Compared: https://youtu.be/q2nsUgG0zfQ Twitter: https://twitter.com/HaG_YT Subscribe to my channel! https://goo.gl/B8Z9v8 Check out more of my videos: https://goo.gl/RGeqUJ Support me for free by browsing with Brave: https://brave.com/har633 » Donate « You want to support me and my videos? Any amount is appreciated: https://paypal.me/HardwareAndGames Websites mentioned in this video: https://howsecureismypassword.net/ https://blog.avira.com/world-password-day/ https://lastpass.com/generatepassword.php https://en.wikipedia.org/wiki/Diceware http://rumkin.com/tools/password/diceware.php https://www.random.org/dice/ https://www.xkcd.com/936/ https://support.google.com/accounts/answer/185839 https://en.wikipedia.org/wiki/List_of_the_most_common_passwords Music by Approaching Nirvana http://youtube.com/user/approachingnirvana Song: Lapse Buy the song on iTunes: https://apple.co/2rimb9d License: http://approachingnirvana.com/license Music by Xenojam http://freemusicarchive.org/music/Xenojam/ Song: Dark Waves License: https://creativecommons.org/licenses/by/4.0/ (Changes: Song was trimmed, Volume was adjusted)
Views: 216 censiCLICK
Secured Password Hashing in PHP (Best Practises)
Learn How To Properly Hash Passwords in PHP using SHA-256 algorithm and salts. Hash Salts are randomly generated strings that is used(mixed with the original text) in order to strengthen and unique hashes for the same text. * SHA-256 hash with a 16 character salt starting with $5$. * min rounds = 1000 and max rounds = 999,999,999
Views: 373 Aman Kharbanda
Generating MD5, SHA hash in java
This video demonstrate the use of MD5 hashing and SHA hash in Java. http://www.examsmyantra.com/article/101/java/using-md5-or-sha-hashing-in-java
Views: 12429 examsmyantra
File Encryption - Applied Cryptography
This video is part of an online course, Applied Cryptography. Check out the course here: https://www.udacity.com/course/cs387.
Views: 1666 Udacity
How to make a registration form with php. password hashing
php video tutorial by bramento In this video you will know How to make a registration form with php. password hashing securing with password hashing function. getbootstrap.com for the form. find out there for form our website onlinestudy.com login comining soon... with password verify function... which will verify our saved database hashed or becrypt password and access for log in. source code can be found at http://onlinestudy.bramento.com/pages/detail.php?post_id=116
Views: 135 WIKIS
Generate Secure Password with MD5 and SHA1 in Java
In this video, I will demo how to Generate Secure Password with MD5 and SHA1 in Java You can see programming languages book reviews and buy Books Online at http://learningprogramming.net/ You also can buy my apps in http://codecanyon.net/user/octopuscodes/portfolio
Views: 10406 Learning Programming
Applied Cryptography: DES in Java - Part 1
Previous video: https://youtu.be/YERCLbyoizY Next video: https://youtu.be/K__Y0BK6GFM
Views: 2038 Leandro Junes
Adding Randomness to Password Based Authentication Schemes using Random Challenge
User Authentication Adding Randomness to Password Based Authentication Schemes using Random Challenge Keywords: User Authentication Adding Randomness to Passwords Random Challenge Network Security Notes Computer Network Security Notes
Encryption Part I: Introduction to Encryption 4
The 4th video in this series, covering random numbers and how to generate them. One more note about the diode diagram: it would have been more clear if I'd put in the polarity signs. The negative pole is on the left, and the electrons are repelled by it, meaning they're trying to move across the diode to the right. That particular diode is reverse biased, which SHOULD make that the equivalent of an open circuit. But the diode is so small that the electrons can tunnel through via quantum mechanics, resulting in a signal that can be used as a source of entropy. Here's more about diodes, including a diagram showing what happens with reverse bias: https://learn.sparkfun.com/tutorials/diodes GNU Privacy Guard: https://www.gnupg.org/ The Android Bitcoin wallet flaw http://android-developers.blogspot.com/2013/08/some-securerandom-thoughts.html
Views: 17680 Shane Killian
Terence Tao - Recent progress in additive prime number theory [2009]
slides for this talk: https://terrytao.files.wordpress.com/2009/08/prime-number-theory1.pdf Recent progress in additive prime number theory Terence Tao (University of California, Los Angeles) 2009-12-14 http://www.mathnet.or.kr/new_VOD/sub2_2.php?no=1485
Final Year Projects | Offline QR Code Authorization Based on Visual Cryptography
Including Packages ======================= * Complete Source Code * Complete Documentation * Complete Presentation Slides * Flow Diagram * Database File * Screenshots * Execution Procedure * Readme File * Addons * Video Tutorials * Supporting Softwares Specialization ======================= * 24/7 Support * Ticketing System * Voice Conference * Video On Demand * * Remote Connectivity * * Code Customization ** * Document Customization ** * Live Chat Support * Toll Free Support * Call Us:+91 967-774-8277, +91 967-775-1577, +91 958-553-3547 Shop Now @ http://clickmyproject.com Get Discount @ https://goo.gl/lGybbe Chat Now @ http://goo.gl/snglrO Visit Our Channel: http://www.youtube.com/clickmyproject Mail Us: [email protected]
Views: 1218 ClickMyProject
How NOT to Store Passwords! - Computerphile
Security of users' passwords should be at the forefront of every web developer's mind. Tom takes us through the insecure ways in which some websites deal with passwords. Note: At circa 8mins, the animation does not show how the 'salt' is also stored in the database alongside the username. Hashing Algorithms and Security: http://youtu.be/b4b8ktEV4Bg Security of Data on Disk: http://youtu.be/4SSSMi4X_mA More from Tom Scott: http://www.youtube.com/user/enyay and https://twitter.com/tomscott http://www.facebook.com/computerphile https://twitter.com/computer_phile This video was filmed and edited by Sean Riley. Computerphile is a sister project to Brady Haran's Numberphile. See the full list of Brady's video projects at: http://bit.ly/bradychannels
Views: 1433871 Computerphile
Ever wonder how Bitcoin (and other cryptocurrencies) actually work?
Bitcoin explained from the viewpoint of inventing your own cryptocurrency. Videos like these made possible by patreon: https://patreon.com/3blue1brown Protocol Labs: https://protocol.ai/ Interested in contributing? https://protocol.ai/join/ Special thanks to the following patrons: http://3b1b.co/btc-thanks Some people have asked if this channel accepts contributions in cryptocurrency form as an alternative to Patreon. As you might guess, the answer is yes :). Here are the relevant addresses: ETH: 0x88Fd7a2e9e0E616a5610B8BE5d5090DC6Bd55c25 BTC: 1DV4dhXEVhGELmDnRppADyMcyZgGHnCNJ BCH: qrr82t07zzq5uqgek422s8wwf953jj25c53lqctlnw LTC: LNPY2HEWv8igGckwKrYPbh9yD28XH3sm32 Supplement video: https://youtu.be/S9JGmA5_unY Music by Vincent Rubinetti: https://soundcloud.com/vincerubinetti/heartbeat Here are a few other resources I'd recommend: Original Bitcoin paper: https://bitcoin.org/bitcoin.pdf Block explorer: https://blockexplorer.com/ Blog post by Michael Nielsen: https://goo.gl/BW1RV3 (This is particularly good for understanding the details of what transactions look like, which is something this video did not cover) Video by CuriousInventor: https://youtu.be/Lx9zgZCMqXE Video by Anders Brownworth: https://youtu.be/_160oMzblY8 Ethereum white paper: https://goo.gl/XXZddT Music by Vince Rubinetti: https://vincerubinetti.bandcamp.com/album/the-music-of-3blue1brown ------------------ 3blue1brown is a channel about animating math, in all senses of the word animate. And you know the drill with YouTube, if you want to stay posted on new videos, subscribe, and click the bell to receive notifications (if you're into that). If you are new to this channel and want to see more, a good place to start is this playlist: http://3b1b.co/recommended Various social media stuffs: Website: https://www.3blue1brown.com Twitter: https://twitter.com/3Blue1Brown Patreon: https://patreon.com/3blue1brown Facebook: https://www.facebook.com/3blue1brown Reddit: https://www.reddit.com/r/3Blue1Brown
Views: 2170118 3Blue1Brown
I Forgot Your Password: Randomness Attacks Against PHP Applications
This video is part of the Infosec Video Collection at SecurityTube.net: http://www.securitytube.net I Forgot Your Password: Randomness Attacks Against PHP Applications Slide : - https://www.usenix.org/system/files/conference/usenixsecurity12/sec12-final218.pdf We provide a number of practical techniques and algorithms for exploiting randomness vulnerabilities in PHP applications.We focus on the predictability of password reset tokens and demonstrate how an attacker can take over user accounts in a web application via predicting or algorithmically derandomizing the PHP core randomness generators. While our techniques are designed for the PHP language, the principles behind our techniques and our algorithms are independent of PHP and can readily apply to any system that utilizes weak randomness generators or low entropy sources. Our results include: algorithms that reduce the entropy of time variables, identifying and exploiting vulnerabilities of the PHP system that enable the recovery or reconstruction of PRNG seeds, an experimental analysis of the Hstad-Shamir framework for breaking truncated linear variables, an optimized online Gaussian solver for large sparse linear systems, and an algorithm for recovering the state of the Mersenne twister generator from any level of truncation. We demonstrate the gravity of our attacks via a number of case studies. Specifically, we show that a number of current widely used web applications can be broken using our techniques including Mediawiki, Joomla, Gallery, osCommerce and others.
Views: 1507 SecurityTubeCons