site: bristolcrypto.blogspot.com
Crypto 2017 - How Microsoft Wants to Fix the Internet
http://bristolcrypto.blogspot.com/2017/09/crypto-2017-how-microsoft-wants-to-fix.html [bristolcrypto.blogspot.com]
2017-09-06 03:38
tags:
compsci
networking
security
web
In the second invited talk at Crypto, Cédric Fournet from Microsoft Research presented the recent efforts of Project Everest (Everest VERified End-to-end Secure Transport), which seems to be an attempt to fix the implementation of TLS once and for all. Appropriately for such a gigantic task, more than a dozen researchers on three continents (and the UK) work on making it verifiable and efficient at the same time.
PKC 2017: Kenny Paterson accepting bets on breaking TLS 1.3
http://bristolcrypto.blogspot.com/2017/03/pkc-2017-kenny-paterson-accepting-bets.html [bristolcrypto.blogspot.com]
2017-03-30 02:30
tags:
crypto
networking
security
standard
The core part of TLS is the handshake protocol, which establishes the choice of ciphers and the session key. Kenny highlighted the high complexity stemming from the many choices (e.g., using a dedicated key exchange protocol or not) and the possible interaction with other protocols in TLS. Together with further weaknesses of the specification, this created the space for the many attacks we have seen.
PKC 2017: https://www.iacr.org/workshops/pkc2017/
RWC 2017 - Post-quantum cryptography in the real-world
http://bristolcrypto.blogspot.com/2017/01/rwc-2017-post-quantum-cryptography-in.html [bristolcrypto.blogspot.com]
2017-01-12 04:45
tags:
crypto
networking
quantum
security
standard
This year, for the first time at RWC, post-quantum cryptography (PQC) was given an entire session, a clear sign that times are changing and the moment has come to bring the discussion to the real world. The message is clear: even if quantum computers are not popping up in tomorrow’s newspapers, we can’t postpone any longer.
RWC 2017 - Erasing Secrets from RAM
http://bristolcrypto.blogspot.com/2017/01/rwc-2017-erasing-secrets-from-ram.html [bristolcrypto.blogspot.com]
2017-01-09 18:16
tags:
c
crypto
malloc
programming
security
swtools
In short, it was found that in practice, many non-malicious programs handling keys and other sensitive data do not erase the RAM correctly.
RWC 2017 - A Formal Security Analysis of the Signal Messaging Protocol
http://bristolcrypto.blogspot.com/2017/01/rwc-2017-formal-security-analysis-of.html [bristolcrypto.blogspot.com]
2017-01-07 21:04
tags:
crypto
math
networking
paper
pdf
security
social
standard
Their proof is too long to be featured in this blog post, but Luke promises it is tedious rather than complex. Their conclusion? So far, so good.
Paper Study: Searchable Encryption
http://bristolcrypto.blogspot.com/2016/11/study-group-all-your-queries-are-belong.html [bristolcrypto.blogspot.com]
2016-11-10 16:23
tags:
cloud
crypto
paper
security
It’s hard to prevent leaking.
Study Group - Dedup Est Machina
http://bristolcrypto.blogspot.com/2016/11/study-group-dedup-est-machina.html [bristolcrypto.blogspot.com]
2016-11-03 18:09
tags:
exploit
hardware
paper
security
systems
Commentary on the memory dedupe exploitation paper.