Table of contents

The mess that is our public-key infrastructure:

  1. The Internet is broken, can we please fix it? On Trustwave & MITM attacks.
  2. TACK, a proposal for dynamically ‘pinning’ certificates.
High-level intro posts:
  1. It’s the end of the world as we know it, and I feel fine. Post-quantum crypto from 30,000 feet.
  2. What is the random oracle model and why should I care? An early series, a little embarrassing.
  3. What’s TLS Snap Start? and So long False Start. On two (now withdrawn) TLS extensions.
  4. The future of electronic currency. On anonymous e-cash.
  5. Offline security through CAPTCHAs. A neat old idea for preventing dictionary attacks.
  6. Poker is hard, especially for cryptographers. All about mental poker.
  7. Fully-Homomorphic Encryption. Unfortunately this is still unfinished…
  8. Indifferentiability. On proofs of security for hash functions.
How to use cryptography (in)securely:
  1. How (not) to use symmetric encryption. A few of the worst pitfalls.
  2. What’s the deal with RC4? A history of attacks on an old stream cipher.
  3. How to choose an authenticated encryption mode. Very important!
  4. Random number generation, an illustrated primer. A look under the hood.
  5. Surviving a bad RNG. What to do if your (P)RNG isn’t carrying its weight. 
  6. Format preserving encryption. Or: how to encrypt a credit card number with AES.
  7. Circular security. A wonkier, more theoretical subject.
  8. On multiple encryption. Are you safer if you encrypt twice?
Crypto attack(s) of the week:
  1. A bad couple of years for the token industry. Padding attacks on cryptographic tokens.
  2. On the BEAST attack. Note: written before the details were made public.
  3. XML Encryption. Why you should authenticate your ciphertexts.
  4. Side-channel attacks on DESFire. Neat.
  5. Datagram TLS. Alfardan & Paterson show that timing attacks are (still) practical.
  6. 2011 Redux. A quick summary of a whole year.
  7. Satellite phone encryption is terrible. Attacks on two satphone ciphers. 
  8. The story of EAX(prime). And why security proofs are like Knight Rider.
  9. A tale of two patches. Analyzing two recent OpenSSL bugs.
  1. Digital Fortress: I read it so you don’t have to. Dan Brown embarrasses cryptography.
  2. Bram Cohen corrected. In which I randomly flame Bram Cohen.
  3. Bram Cohen corrects me? Bram turns out to be a good sport.
  4. Why Antisec matters. The security industry is a joke?
When I thought this blog was a book:
  1. Introduction
  2. Where things fall apart: Primitives, Protocols
