Eric Fay

Nerf Herder

Read this first

Tales from the Cryptography: The Terrifying Math Explained - Part 1

Most public key cryptosystems are mathematically hard and hard on the eyes. If you visit some of the Wikipedia pages for these cryptosystems, your eyes may start to get sore from looking at the intense mathematical equations. In this multipart series of blog posts, I will go over some popular public key cryptosystems and present the hard mathematical problems behind them at an accessible level.

First up is RSA. RSA is named after the designers of the algorithm: Ron Rivest, Adi Shamir and Leonard Adleman. First published in 1977, the trio’s system is still widely in use to this day. RSA consists of three phases: key generation, encryption, and decryption. In the key generation phase, the public and private keys are created. The encryption phase takes in a plaintext message, uses the recipient’s public key, and returns a cipher text. The decryption phase takes in a cipher text, uses the

Continue reading →


Introduction to Password Strength

Between the vast number of services we log into and log out of every day, it’s often hard for us to remember that the strength of the passwords we use is a very important aspect of keeping passwords secure.

The strength of a password is typically determined by:

  • length
  • avoidance of dictionary words
  • avoidance of relevant user information (first name, last name, birth date)
  • avoidance of common patterns
  • the combination of the following “character types”
    • lowercase letters
    • uppercase letters
    • numbers
    • special characters

The mixture of different character types makes up what’s called the “keyspace”. The keyspace can be computed through the formula CN, C being the number of possible characters and N being the length of the password. To determine the keyspace of the “oh, so common” example, ‘password’, we would use the above formula CN. This example uses only lowercase letters which would

Continue reading →


Hello World! Redux

This is my first post in quite some time. As you can see, the site looks a little bit different. I recently received an invitation to blog on Svbtle and thought since my site was aging that I’d give it a try. Hoping to post more regularly as this new year begins. I also plan on blogging more than just information security topics this year. Looking to break into some posts on information retrieval, search, big data and a few other topics. I’ll be posting up the old blog posts in case anyone is looking for them. I’m very excited to kick this new blog off, cya soon.

Continue reading →