Explore >> Select a destination
|
You are here 
|
luxsci.com | ||
| | | | |
blog.cryptographyengineering.com
|
|
| | | | | This is the story of how a handful ofcryptographers 'hacked' the NSA.It's also a story of encryption backdoors, and why they never quite work out the way you want them to. But I think I'm getting ahead of myself a bit here. Today's Washington Post has the story of a nasty bugin some TLS/SSL servers... | |
| | | | |
adsecurity.org
|
|
| | | | | [AI summary] The article discusses the POODLE vulnerability in SSL 3.0, explaining its risks, exploitation scenarios, and mitigation strategies such as disabling SSL 3.0 and implementing TLS_FALLBACK_SCSV. | |
| | | | |
social-biz.org
|
|
| | | | | This post is about secure internet protocols, and mainly about a bizarre phenomenon that prevents us from using SSL security in many situations where it would be useful. What is bizarre is that I don't think anyone intends it, but there seems to be a natural reaction that leads to less secure systems. While some... | |
| | | | |
soatok.blog
|
|
| | | Ever since the Invisible Salamanders paper was published, there has been a quiet renaissance within my friends and colleagues in applied cryptography for studying systems that use Authenticated Encryption with Associated Data (AEAD) constructions, understanding what implicit assumptions these systems make about the guarantees of the AEAD mode they chose to build upon, and the... | ||
