I recently came across the issue of latency differences between HTTP and HTTPS. It got me curious and I started looking into it. To give a quick introduction to those who are new to this, HTTP stands for Hypertext Transfer Protocol and it’s a protocol for communication over the internet. Whenever somebody types something into the address bar on their browser, the browser understands the address and displays the appropriate thing. When you look at the address bar, you usually won’t see the address beginning with “http” because modern web browsers hide it. If you copy that address and paste it into a text file, you will see the full address starting with “http”. The problem with HTTP is that it is susceptible to wiretapping and other kinds of attacks. So people came with a solution and introduced HTTPS. HTTPS stands for Hypertext Transfer Protocol Secure. As the name suggests, it is secure! It’s the same HTTP protocol layered with a security protocol. Now that brings us to the main question. Will this affect the internet speed in any way? Will this be an issue when we are dealing with large amounts of traffic on the internet? Continue reading

# Tag Archives: Hacking

# Why Do We Need Two-Factor Authentication?

In the last couple of years, we have encountered quite a few security breaches. A lot of internet companies are being targeted with these kinds of attacks. One of the most common forms of online transactions is that you have an account that’s protected with a password. So whenever you want to access your account, you just enter your username along with the password. But the problem is that this is breakable! As in, people can technically break into these accounts. So people started thinking about different ways in which this could be prevented. Of course, choosing better passwords would help, but we need to way to fundamentally improve the security. How exactly do we do it? Do we just choose bigger and better passwords or is there something new we can do? Continue reading

# Elliptic Curve Cryptography: Part 4/4 – How Do We Use Elliptic Curves?

In the previous blog post, we discussed about elliptic curves and saw what they look like. We also looked at some of their special properties that enable it to be a good trapdoor function. But this is still very mathematical, right? The curves are great to look at and we understand general concept of elliptic curves, but how do we use them in real life? The curves denoted by those equations don’t represent the curves that are used in cryptography. In the real world, things are digitized. We need to convert things into bits and move them around quickly. So how do we do it? Continue reading

# Elliptic Curve Cryptography: Part 3/4 – What Is An Elliptic Curve?

In the previous blog post, we discussed why RSA will not be sufficient anymore. We looked at how machines are getting stronger, and that we cannot rely on factorization as our primary mathematical foundation. We also talked a bit about what we are looking for in our new system, and then said a quick hello to elliptic curves. In this blog post, we will see what elliptic curves are. As always, we will keep the equations to a minimum, and instead, try to understand the underlying concept. Let’s go ahead, shall we? Continue reading

# Elliptic Curve Cryptography: Part 2/4 – Why Do We Need It?

In our previous blog post, we discussed public key cryptography and how it works in general. The RSA is so powerful because it comes with rigorous mathematical proofs of security. The authors basically proved that breaking the system is equivalent to solving a very difficult mathematical problem. When we say “difficult”, what it means is that it would take trillions of years to break it even if all the supercomputers in the world were to work in parallel. By the way, this is just one encoded message! The problem in question here is prime number factorization. It is a very well-known problem and has been studied for a very long time. So if it’s such a difficult problem, why do we need something new? What’s the problem here? Continue reading

# Elliptic Curve Cryptography: Part 1/4 – Why Should We Talk About It?

Elliptic curve cryptography is one of the most powerful techniques used in the field of modern cryptography. Just to be clear, elliptic curves have nothing to do with ellipses. I agree that the name can be slightly misleading, but once we discuss what elliptic curves are, it will become much clearer. So as you may have already guessed, elliptic curve cryptography (ECC) is based on the properties of elliptic curves. ECC is very useful in internet security and it is being deemed as the successor to the almighty RSA crypto system. If that didn’t make sense to you, don’t worry! We are going to discuss everything in detail. A lot of of websites are increasingly using ECC to secure everything like customer data, connections, passing data between data centers, etc. So what makes ECC so special? Is it strong enough to take over the world? Continue reading

# How To Deal With Buffer Overflow

You must have encountered the word ‘buffer’ somewhere in your life. In everyday usage, buffer refers to something that acts as an intermediary between two things that don’t get along. It’s a shield which moderates the impact of one thing over the other. In the programming world, buffer refers to an area where we temporarily store data before moving it to another place. Perhaps the most famous example would be copy-paste. When you copy something, it is stored in the buffer until you paste it somewhere. This concept is used extensively while building software systems and it’s important to make sure that the buffer behaves nicely at all times. Now you might ask, what does buffer behavior refer to? Why would it not behave nicely at all times? Continue reading