Computer Security: Buffer Overflows and Encryption Fundamentals

Posted on Apr 29, 2026 in Computers

Computer Security Fundamentals

Computer Security: The protection afforded to an automated information system to attain the applicable objectives of preserving the Integrity, Availability, and Confidentiality of information system resources, including hardware, software, firmware, information, data, and communication.

Buffer Overflow Vulnerabilities

Buffer overflow/overrun occurs when a process attempts to store data beyond the limits of a fixed-size buffer, overwriting adjacent memory locations. Buffers can be located in the stack, heap, or data section of a process. This leads to data corruption, memory access violations, and potential code execution by attackers. Note that this does not typically affect high-level languages that lack direct memory access; assembly programmers are responsible for safely handling saved values.

Stack and Heap Overflows

  • Stack Overflow: Occurs when a buffer is on the stack. Causes include infinite recursion (exceeding memory limits) or large variables overwriting the frame pointer and return address. Addresses are stored in little-endian format.
  • Stack Frame: When one function calls another, it must save the return address, parameters, and register values.
  • Heap Overflow: Involves malloc() or dynamic data. Since there is no return address, attackers overwrite heap metadata.
  • Global Data Overflow: Overwriting adjacent global variables (e.g., is_admin).

Shellcode and Attack Vectors

Shellcode uses a buffer overflow to change a return address and execute malicious code. A No Operation (NOP) sled (0x90) is often used as a landing area for the pointer, allowing the execution flow to slide into the actual shellcode.

Defensive Strategies

  • Compile-time: Harden programs using high-level languages, safe coding practices, stack protection (comparing return addresses), and safe libraries.
  • Run-time: Catch and abort attacks using Executable Address Space Protection, Address Space Randomization (ASLR), and Guard Pages to flag illegal memory access.

Encryption and Cryptographic Systems

Requirements for Secure Encryption: The cost of breaking a cipher must exceed the value of the information, and the time required to break it must exceed the information’s lifetime.

Types of Cryptographic Attacks

  • Known Plaintext: Attacker has one or more plaintext/ciphertext pairs.
  • Chosen Plaintext: Attacker chooses plaintext and obtains corresponding ciphertext.
  • Chosen Ciphertext: Attacker chooses ciphertext and obtains corresponding plaintext.
  • Chosen Text: A combination of chosen plaintext and ciphertext.

Block Ciphers and Structures

Feistel Network: A common structure for block cipher algorithms. Data is split into halves (L0 and R0) and processed through multiple rounds involving substitution and transposition. Decryption is achieved by reversing the keys in the function F.

AES Encryption Process

AES 4 Steps:

  1. Substitute bytes: Use S-box for encryption or inverse S-box for decryption.
  2. Shift rows: Perform cyclic shifts on rows.
  3. Mix columns: Mathematical transformation of columns.

yNzM8AAAAAZJREFUAwBqlO6UL3zlGgAAAABJRU5ErkJggg==