This past Friday Cisco publicly disclosed a software vulnerability in the Cisco Cluster Management Protocol in Cisco IOS and Cisco IOS XE software. The following is our
What does “secure” mean for an authenticated cipher?
This week I am in Tokyo to present a research paper in cryptography at the 24th International Conference on Fast Software Encryption, the reference academic
On CIA Crypto
On Tuesday, Wikileaks released a tranche of alleged Top Secret CIA documents, many involving explanations of their cryptographic requirements. Reading through the documents turned out
Why Replace SHA-1 with BLAKE2?
Unless you’ve lived under a rock for the last twelve years, you must know that the cryptographic hash function SHA-1 is broken, in the sense
Responding to Ticketbleed
Today Cloudflare publicly disclosed a software vulnerability in the F5 BIG-IP appliance. The following is our action report for clients utilizing the BIG-IP appliance. It is
Wire Cryptography Audit (with X41 D-Sec)
Kudelski Security’s JP Aumasson and X41 D-Sec‘s Markus Vervier were hired to audit Wire‘s cryptography core, the Proteus library. Wire is an application for mobile and desktop