« earlier | later » Page 8 of 11

miTLS - Home edit / delete

A formally verified implementation of TLS. (Being written in F# means it's a bit impractical to use as a library, though...)

to cryptography formal-methods security tls verification ... on 28 April 2014

BetterCrypto⋅org edit / delete

Practical recommendations for TLS settings.

to cryptography security ssl tls ... on 28 April 2014

Cryptography Coding Standard edit / delete

Patterns for secure cryptographic software (e.g. same comparisons).

to cryptography patterns programming safety security ... on 27 April 2014

Diffie Hellman and TLS with nonsense parameters - Hanno's blog edit / delete

Apparently quite a lot of TLS implementations will happily accept 15 as a prime for DH key exchange. Presumably even if they were checking you could rely on the probabilistic test too...

to cryptography dh prime security ssl testing tls ... on 16 April 2014

Embedded in Academia : A New Development for Coverity and Heartbleed edit / delete

What Coverity is doing to detect the Heartbleed problem (in short: treating n2hs-style functions as generating tainted results).

to coverity security ssl static-analysis tls ... on 14 April 2014

Using Frankencerts for Automated Adversarial Testing of Certificate Validation in SSL/TLS Implementations edit / delete

Generating randomly-varied certificates and comparing how different implementations respond to them.

to ca certificate papers security ssl testing tls ... on 13 April 2014

ImperialViolet - Apple's SSL/TLS bug edit / delete

The famous copy-and-paste error.

to ag0700 goto security ssl tls ... on 25 March 2014

jedisct1/libsodium · GitHub edit / delete

An autoconf-ised version of the NaCl cryptography library. Looks worth playing with!

to api autoconf crypto djb nacl network security software ... on 17 January 2014

Eben Moglen: Snowden and the Future edit / delete

Eben Moglen is very angry.

to freedom politics security snowden ... on 15 December 2013

About Crossbear | pki.net.in.tum.de|crossbear.org edit / delete

"Crossbear is a tool that aims to detect and localise Man-in-the-middle (MitM) attacks on the SSL/TLS [and SSH] protocols." It works by comparing the certificate you get with what others got from different locations. (I imagine CDNs will break this as usual...)

to ca certificate security ssh ssl tls ... on 14 December 2013

« earlier | later » Page 8 of 11

Browser bookmarks: tasty+ | tasty= Log in | Export | Atom

Tags related to security

- security
 
1 + academia
1 + access-control
1 + acme
1 + ag0700
1 + ag0803
2 + ag0907
6 + amusements
2 + api
1 + architecture
1 + arduino
3 + arm
1 + authentication
1 + autoconf
1 + avr
1 + backdoor
1 + bell-labs
1 + bitcoin
1 + blockchain
1 + bounds-checking
1 + bounty
1 + browser
2 + buffer
2 + buffer-overflow
2 + bug
2 + bugs
1 + build-systems
2 + c
2 + c++
4 + ca
1 + camera
1 + capability
1 + capsicum
4 + ccc
4 + certificate
1 + certificates
1 + cesrg
1 + checking
1 + chromium
1 + chroot
1 + clang
1 + cloud
1 + code
3 + compiler
1 + conference
2 + container
1 + coop
1 + coverage
1 + coverage-directed
1 + coverity
2 + cpu
1 + crime
10 + crypto
12 + cryptography
1 + cs
1 + cypherpunks
1 + debian
1 + debugging
1 + dect
1 + design
1 + dh
2 + djb
1 + ebooks
1 + ecc
1 + economics
1 + el0805
1 + elective
3 + electronics
3 + encryption
2 + ers
1 + ethereum
1 + ethical-hacking
1 + ethics
3 + exploit
1 + firefox
1 + folk-song
4 + formal-methods
1 + freedom
3 + fuzzing
2 + gameboy
5 + games
1 + gcc
1 + git
1 + goto
2 + gpg
1 + gsm
2 + hardening
5 + history
1 + homebrew
1 + homeplugav
1 + http
1 + https
1 + intel
1 + ip
1 + ipsec
1 + javascript
1 + journalism
1 + jquery
1 + kerberos
3 + kernel
1 + keyboard
1 + keylogger
1 + langsec
2 + language-design
1 + letsencrypt
1 + library
1 + licensing
12 + linux
1 + livecd
1 + lts
1 + luks
1 + lvm
1 + mac
1 + memory-safety
1 + metaphors
2 + mgo
1 + microcode
4 + microcontroller
1 + mmc
1 + mod-ers
1 + monitoring
3 + nacl
5 + network
6 + networking
1 + noise
1 + notary
1 + ocaml
1 + openssh
2 + openssl
1 + org
2 + os
2 + overflow
2 + p2p
1 + packet
1 + pam
2 + papers
1 + parser
1 + password
1 + patterns
1 + pgp
2 + philosophy
2 + phone
1 + phreaking
1 + pki
1 + playstation
1 + podcasts
2 + politics
1 + porting
1 + prime
2 + privacy
1 + privilege-separation
4 + programming
1 + proof
1 + ps2
2 + python
1 + radio
1 + ramensky
1 + random
1 + research
3 + retrocomputing
1 + retrotech
6 + reverse-engineering
1 + risc
1 + rop
1 + safe
2 + safety
4 + sandbox
1 + scanner
1 + scm
1 + scotland
1 + sd
1 + search
2 + seccomp
1 + shuffle
1 + sni
1 + snowden
14 + software
6 + software-engineering
3 + ssh
12 + ssl
4 + static-analysis
1 + stoll
1 + strategy
1 + support
1 + syscall
1 + systems
1 + tandy
1 + tcp
1 + tea
6 + teaching
1 + telecom
5 + testing
14 + tls
2 + tor
1 + tunnel
4 + unix
1 + usability
1 + usable-security
2 + usb
1 + validation
1 + varan
3 + verification
1 + video
1 + vlc
1 + vpn
1 + vulnerabilities
1 + vulnerability
3 + web
1 + webcam
1 + whistleblowing
2 + wireless
1 + wpa
1 + writing
1 + x86
1 + xbox