Cryptography posts

  • Cryptography

Analyzing a simple encryption scheme using GitHub SSH keys

  • Sep 30, 2018
  • 6 minutes read
  • 1185
(This is an introductory level analysis of a scheme involving RSA. If you’re already comfortable with Bleichenbacher oracles you should skip it.) Someone pointed me at the following suggestion on the Internet for encrypting secrets to people …
  • Cryptography

ROCA vs. ROBOT: An Eternal Golden Braid

  • Aug 08, 2018
  • 7 minutes read
  • 1335
The ROCA RSA key generation flaw or ROBOT, the “Return Of Bleichenbacher” attack: which is most deserving of the “Best Cryptographic Attack” Pwnie award at the 2018 Black Hat USA conference? Only one can survive. Let us consider. Assume for the …
  • Cryptography

The default OpenSSH key encryption is worse than plaintext

  • Aug 03, 2018
  • 4 minutes read
  • 812
Update: I don’t know if we can take credit for it or if it’s random chance, but I note OpenSSH changed its default in the release after this blog post. The system works! The eslint-scope npm package got compromised recently, stealing npm …
  • Cryptography

Factoring the Noise protocol matrix

  • Jul 18, 2018
  • 6 minutes read
  • 1252
TL;DR: if I ever told you to use Noise, I probably meant Noise_IK and should have been more specific. The Noise protocol is one of the best things to happen to encrypted protocol design. WireGuard inherits its elegance from Noise. Noise is a …
  • Cryptography

There will be WireGuard

  • May 16, 2018
  • 2 minutes read
  • 412
Amidst the hubbub of the Efail PGP/SMIME debacle yesterday, the WireGuard project made a pretty momentous announcement: a MacOS command line version of the WireGuard VPN is now available for testing, and should stabilize in the coming few months. I’m …
  • Cryptography
  • Development

Cryptographic right answers

  • Apr 03, 2018
  • 12 minutes read
  • 2453
We’re less interested in empowering developers and a lot more pessimistic about the prospects of getting this stuff right. There are, in the literature and in the most sophisticated modern systems, “better” answers for many of these items. If you’re …