What Is Web Metadata Encryption and Why Is It Important?
Apr 23,
2019
Your data may be encrypted when you use https, but what about your metadata? I wrote about metadata and eavesdropping earlier this year – it is, among other things, the URLs of the websites you visit. If attackers can access this information, they can learn some potentially confidential information about you, and you are unlikely […]
Comments on the DROWN Vulnerability
Mar 30,
2016
I manage some sites that use Transport Layer Security(TLS). That is, they serve pages using URLs that begin with “https.” I was interested, therefore, in the discovery of yet another implementation bug in SSL/TLS implementations. This is the DROWN (Decrypting RSA with Obsolete and Weakened eNcryption) vulnerability. At the end of this post are links […]
Keeping Secrets: Setting a Cipher Mode
Jan 29,
2016
Earlier this week we considered ways to split the many choices of ciphers (or encryption algorithms): symmetric versus asymmetric, and block versus stream. The block symmetric ciphers do the heavy lifting, they are used for large data sets. But one block symmetric cipher can be operated in various modes, and the selection of mode depends […]
802.11i,
AES,
AES-CCMP,
AES-GCM,
block cipher,
block cipher mode,
encryption,
stream cipher,
TLS,
web security,
wireless security,
WPA2
Let’s Encrypt Issues First Certificate
Nov 2,
2015
The promise of free TLS certificates came a step closer to reality earlier in September, when Let’s Encrypt issued its first certificate and applied to the root programs for Mozilla, Google, Microsoft, and Apple according to the Let’s Encrypt Blog. I have installed their root certificate in my browser already – it is easy and […]
Analyzing Browsers’ and Servers’ SSL and TLS Usage for a More Secure Internet
May 21,
2015
Bob Cromwell blog post on LibreSSL mentioned the POODLE attack recently. POODLE has caused a lot of discussion of SSL (Secure Sockets Layer), TLS (Transport Layer Security) and corresponding browser and server support. Browsers support different encryption algorithms and security protocols to allow users to access sites that support those protocols. Likewise sites support different encryption […]