« earlier | later » Page 1 of 3
Kryptos Logic Research: OpenSSL's squaring bug, and opportunistic formal verification
Detecting an OpenSSL bug (after the fact) using formal verification. Interesting because the original formal proof was wrong...
to formal-methods openssl security ssl ... on 16 March 2015
David A. Wheeler's Personal Home Page
Includes several well-written, comprehensive postmortems on noteworthy security bugs (e.g. Heartbleed) -- probably of interest to security students.
SecurityEngineering/x509Certs - MozillaWiki
With up-to-date instructions for running your own CA.
to ca certificate mozilla ssl tls x509 ... on 26 August 2014
Attempting to establish a CA on the cooperative model.
to ca certificate coop cryptography security ssl tls ... on 26 July 2014
Practical recommendations for TLS settings.
to cryptography security ssl tls ... on 28 April 2014
Diffie Hellman and TLS with nonsense parameters - Hanno's blog
Apparently quite a lot of TLS implementations will happily accept 15 as a prime for DH key exchange. Presumably even if they were checking you could rely on the probabilistic test too...
to cryptography dh prime security ssl testing tls ... on 16 April 2014
Embedded in Academia : A New Development for Coverity and Heartbleed
What Coverity is doing to detect the Heartbleed problem (in short: treating n2hs-style functions as generating tainted results).
to coverity security ssl static-analysis tls ... on 14 April 2014
Generating randomly-varied certificates and comparing how different implementations respond to them.
to ca certificate papers security ssl testing tls ... on 13 April 2014
ImperialViolet - Apple's SSL/TLS bug
The famous copy-and-paste error.
Moserware: The First Few Milliseconds of an HTTPS Connection
Nice overview of what exactly is going on when establishing a TLS connection, with packet dumps and brief explanations of the maths.
to ag0803 crypto dump networking packet ssl tls ... on 17 December 2013
tasty by Adam Sampson.