Posts
Google has released Project Wycheproof, a set of security tests that
check cryptographic software libraries for known weaknesses. Having
developed over 80 test cases more than 40 security bugs have been
uncovered.
In order to have good cryptography two ingredients require to be in place. The first is the strength of the cipher primitive itself. This is a property that classifies it as suitable or not to build an application on. For example in the TLS protocol, documented in "SSL and TLS Deployment Best Practices-Use Secure Cipher Suites" not all ciphers are recommended for use. In that list for example, we find some obsolete cryptographic primitives that are not secure and must be avoided:
full article on i-programmer
In order to have good cryptography two ingredients require to be in place. The first is the strength of the cipher primitive itself. This is a property that classifies it as suitable or not to build an application on. For example in the TLS protocol, documented in "SSL and TLS Deployment Best Practices-Use Secure Cipher Suites" not all ciphers are recommended for use. In that list for example, we find some obsolete cryptographic primitives that are not secure and must be avoided:
full article on i-programmer
Comments