I have just released the new version of Megiddo (0.4.0) on the relevant code.google page. This release includes many new things:
- A new detection program for single encrypted file. Relatively often encryption is performed by using a short cyclic sequence (from a few bytes to a few kilobytes) and to combine it to the plaintext (file, binaries...). It is for instance the case with encrypted malware. The program detect_singlefile.c program enables to detect the length of that cyclic sequence. You have just then to split your encrypted file into chunks of that length and perform the cryptanalysis as explained in the library
- New and very detailed slides explaining how to use the open source library and especially giving interesting examples (drawn from real cases) on how trapdoors can be hidden in encryption systems. The case of dynamic cryptographic trapdoors is also presented.
Have a nice reading and fun by practicing with Megiddo-0.4.0