Explore >> Select a destination
|
You are here 
|
blog.intothesymmetry.com | ||
| | | | |
pentesterlab.com
|
|
| | | | | In this blog post, we cover how to exploit algorithm confusion against JWT when elliptic curves are used (EC256, EC512). | |
| | | | |
andrea.corbellini.name
|
|
| | | | | [AI summary] The text discusses the fundamentals of Elliptic Curve Cryptography (ECC), focusing on Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Digital Signature Algorithm (ECDSA). It explains how ECDH enables secure key exchange and how ECDSA allows for digital signatures. The text also covers the importance of secure random number generation in ECDSA, highlighting the risks of using a predictable or static secret key, as seen in the PlayStation 3 incident. The discussion includes code examples for ECDH and ECDSA operations and the consequences of poor implementation practices. The text concludes by mentioning future articles on solving discrete logarithms and ECC compared to RSA. | |
| | | | |
paragonie.com
|
|
| | | | | JWT, JWE, JWS, etc. are terrible designs and need to be scrapped, not resuscitated. | |
| | | | |
android-developers.googleblog.com
|
|
| | | News and insights on the Android platform, developer tools, and events. | ||
