Skip to main content

Project Wycheproof Reveals Bugs In Popular Crypto Libraries

Google has released Project Wycheproof, a set of security tests that check cryptographic software libraries for known weaknesses. Having developed over 80 test cases more than 40 security bugs have been uncovered.

In order to have good cryptography two ingredients require to be in place. The first is the strength of the cipher primitive itself. This is a property that  classifies it as suitable or not to build an application on. For example in the TLS protocol, documented in "SSL and TLS Deployment Best Practices-Use Secure Cipher Suites" not all ciphers are recommended for use. In that list for example, we find some obsolete cryptographic primitives that are not secure and must be avoided:

full article on i-programmer

Comments

Popular posts from this blog

Ingres vs Postgres MVCC Explained With Neo4j's LLM Knowledge Graph Builder

 LLM Knowledge Graph Builder is an application designed to turn unstructured data such as pdfs, text documents, YouTube videos, and web pages, into a knowledge graph stored in Neo4j, promising much better accuracy than simple RAG (Retrieval-Augmented Generation). https://www.i-programmer.info/news/80-java/17967-ingres-vs-postgres-mvcc-explained-with-neo4js-llm-knowledge-graph-builder-.html

The Advent of SQL 2024 Has Commenced

  It's Advent - the time of year when we countdown the days to Christmas - and if your are a programmer complete daily coding challenges with the Advent of Code, the Advent of Perl, the Advent of Java, Javascriptmas, etc. Now we have the Advent of SQL too with 24 SQL challenges to complete before Christmas! https://www.i-programmer.info/news/204-challenges/17678-the-advent-of-sql-2024-has-commenced.html