Hipster Chalubo IoT botnet using the ChaCha stream cipher when good old RC4 would be totally fine https://news.sophos.com/en-us/2018/10/22/chalubo-botnet-wants-to-ddos-from-your-server-or-iot-device/ …
-
-
Replying to @martijn_grooten
There’s nothing unusual with starting from block 1 for encryption. This is how the standard ChaCha20-Poly1305 construction, the very same they refer to, works. And what all implementations do. Block 0 is used to derive a key for the authenticator.
1 reply 0 retweets 3 likes -
Replying to @jedisct1
I certainly didn't mean to suggest it was unusual. It's just a rather uncommon choice to use ChaCha for a botnet.
1 reply 0 retweets 0 likes
Replying to @martijn_grooten
Sure. But what Sophos seems to find unusual is the block counter starting at 1.
0 replies
0 retweets
1 like
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.