Explore >> Select a destination
|
You are here 
|
www.mitls.org | ||
| | | | |
blog.cryptographyengineering.com
|
|
| | | | | This is the story of how a handful ofcryptographers 'hacked' the NSA.It's also a story of encryption backdoors, and why they never quite work out the way you want them to. But I think I'm getting ahead of myself a bit here. Today's Washington Post has the story of a nasty bugin some TLS/SSL servers... | |
| | | | |
martinralbrecht.wordpress.com
|
|
| | | | | Together with Lenka Mareková, Kenny Paterson, Eyal Ronen and Igors Stepanovs, we have finally completed our (first, formal, in-depth, computational) analysis of the Telegram key exchange. This work is going to be presented at Eurocrypt 2025 in Madrid. Abstract. We describe, formally model, and prove the security of Telegram's key exchange protocols for client-server communications.... | |
| | | | |
www.da.vidbuchanan.co.uk
|
|
| | | | | [AI summary] The author demonstrates how to engineer collisions in truncated versions of SHA-256 using parallel algorithms and GPU acceleration, while estimating the breaking costs for various hash lengths. | |
| | | | |
pboyd.io
|
|
| | | Here's a fun list to look through: Dumb Password Rules. Most of the rules seem arbitrary, like only allowing digits, but some hint at deeper problems. For instance, preventing single-quotes. They aren't inserting passwords into a database without a SQL placeholder, right? Nearly every site on that list has a needlessly short maximum password size. If they're storing passwords correctly, there's no need for this. This post will go through a few bad ways to store a password and you can see what I mean.... | ||
