Table of contents

The mess that is our public-key infrastructure:
  1. The Internet is broken, can we please fix it? On Trustwave & MITM attacks.
  2. TACK, a proposal for dynamically 'pinning' certificates.
High-level intro posts:
  1. It's the end of the world as we know it, and I feel fine. Post-quantum crypto from 30,000 feet.
  2. What is the random oracle model and why should I care? An early series, a little embarrassing.
  3. What's TLS Snap Start? and So long False Start. On two (now withdrawn) TLS extensions.
  4. The future of electronic currency. On anonymous e-cash.
  5. Offline security through CAPTCHAs. A neat old idea for preventing dictionary attacks.
  6. Poker is hard, especially for cryptographers. All about mental poker.
  7. Fully-Homomorphic Encryption. Unfortunately this is still unfinished...
  8. Indifferentiability. On proofs of security for hash functions.
How to use cryptography (in)securely:
  1. How (not) to use symmetric encryption. A few of the worst pitfalls.
  2. What's the deal with RC4? A history of attacks on an old stream cipher.
  3. How to choose an authenticated encryption mode. Very important!
  4. Random number generation, an illustrated primer. A look under the hood.
  5. Surviving a bad RNG. What to do if your (P)RNG isn't carrying its weight. 
  6. Format preserving encryption. Or: how to encrypt a credit card number with AES.
  7. Circular security. A wonkier, more theoretical subject.
  8. On multiple encryption. Are you safer if you encrypt twice?
Crypto attack(s) of the week:
  1. A bad couple of years for the token industry. Padding attacks on cryptographic tokens.
  2. On the BEAST attackNote: written before the details were made public.
  3. XML Encryption. Why you should authenticate your ciphertexts.
  4. Side-channel attacks on DESFire. Neat.
  5. Datagram TLS. Alfardan & Paterson show that  timing attacks are (still) practical.
  6. 2011 Redux. A quick summary of a whole year.
  7. Satellite phone encryption is terrible. Attacks on two satphone ciphers. 
  8. The story of EAX(prime). And why security proofs are like Knight Rider.
  9. A tale of two patches. Analyzing two recent OpenSSL bugs.
Rants:
  1. Digital Fortress: I read it so you don't have to. Dan Brown embarrasses cryptography.
  2. Bram Cohen corrected. In which I randomly flame Bram Cohen.
  3. Bram Cohen corrects me? Bram turns out to be a good sport.
  4. Why Antisec matters. The security industry is a joke?
Miscellaneous
When I though this blog was a book:
  1. Introduction
  2. Where things fall apart: PrimitivesProtocols

6 comments:

  1. I always knew cryptography was complicated. I just wasn't expecting it to be that complicated.

    ReplyDelete
  2. This is great information for students. This article is very helpful i really like this blog thanks. I also have some information relevant for Dissertation Proofreading Services .

    ReplyDelete
  3. Good stuff. It is interesting to read comments.

    ReplyDelete
  4. I am very thankful to you for posting such stuff.This really help me lot.
    Logo Design Company

    ReplyDelete
  5. Hi, Are you well?

    Can you give me more blogs of you? I am a regular reader you’re this blog. Your viewed information about cryptographyengineering.com is so effective. You follow me by Welcome to Bitcoin Key. Do you know what is Bitcoin Secret? Obtain the Bitcoin Key Beginner Kit Today! Understand the Tricks of Bitcoin for 100 % free.

    Thanks For Only You Create That cute Article.

    ReplyDelete
  6. The table of content you have shared is very useful for all the visitors of this blog. I appreciate your article. Thanks for sharing.

    ReplyDelete