We have previously announced a timelocked responsible disclosure and it is accessible since February 23, 2023 at 00:00 (CEST). The previously encrypted report can now
Author: Sylvain Pelissier
Announcing a timelocked responsible disclosure
We are announcing here a timelocked responsible disclosure which will be released the 23 February 2023 at 00:00 (CEST) made with timevault.drand.love: Wait! what does
Practical fault attacks against SM4
During the Hardwear.io 2022 conference, Nicolas and I presented hardware attacks against the SM4 block cipher. In this post, I’ll give more details about the
OpenSSL 3 Buffer overflow vulnerabilities: CVE-2022-3786 and CVE-2022-3602
Note: This Bulletin was contributed to by Kudelski Security’s Threat Detection & Research Team. Specifically Mark Stueck. Executive Summary On the 25th of October, the
GPG Memory Forensics
Pretty Good Privacy (PGP) and the open source implementation GNU Privacy Guard (GPG) are encryption solutions following the OpenPGP standard. Even if GPG has been
Practical bruteforce of AES-1024 military grade encryption
I recently presented work on the analysis of a file encryption solution that claimed to implement “AES-1024 military grade encryption“. Spoiler alert: I did not