Blogs

I recently backed up a large PostgreSQL database, spanning a few dozen terabytes, from AWS RDS to an AWS S3 bucket in a resource-constrained environment. The process wasn’t as straightforward as I imagined it would be, so I decided to share everything I learned. Let’s say we have limited storage on the machine where we want to back up the database – meaning the size of the backup exceeds the total storage capacity of the machine. Additionally, our priority is the speed at which this backup is taken rather than the cost of storing it in S3. Let’s explore how we can perform a backup under these constraints. If you don’t have the same constraints, you may want to tweak a few parameters which we’ll discuss after the tl;dr section. ...

Recently, I happened to come across MQTT Protocol while doing background work for a project as a part of IoT course offered at the University. I liked it due to reasons which I will justify, hence this blog post! I spent some time yesterday looking at the working and specifications of MQTT v3.1.1 from the blog post by teserakt and through the documentation: http://docs.oasis-open.org/mqtt/mqtt/v3.1.1/mqtt-v3.1.1.html, since I enjoy reading about the protocols and their implementation. ...

In this blog post, I will be talking about my new library Crypton, my journey of building this library, future plans and much more! Check out the library on GitHub: https://github.com/ashutosh1206/Crypton Introduction This library is an attempt by the author to help provide a platform to learn and practice Offensive and Defensive cryptography for people interested in this field . With the increasing number of attacks on implementations of cryptographic protocols every year, it has become essential that we give as much importance to secure implementation of these protocols as we give to internals of the protocol itself. ...

This blog post covers one of the most important Mathematical Structures for Cryptography- Fields. It is used in both Symmetric and Asymmetric key Cryptography. This blog post gives a basic introduction to Finite Fields and arithmetic operations on it, but I hope the purpose of it is served- to make people, who don’t have basic knowledge about this, understand a few upcoming CTF write-ups, that are based on Finite Fields. ...

This blog primarily focuses on Blinding Attack- an elementary vulnerability in unpadded RSA digital signature algorithm that can be exploited to forge signatures. The working and properties of Digital Signatures will be described before directly jumping onto the attack. In the end, we discuss ways to prevent this attack. Unpadded Digital Signatures using RSA RSA is a kind of Trapdoor One-way Function. Wikipedia describes a one-way function as a function that is easy to compute on every input, but hard to invert given the image of a random input. Here, “easy” and “hard” are to be understood in the sense of computational complexity theory, specifically the theory of polynomial time problems. ...