In this post, Senior Application Development Manager, Anand Shukla shares some tips to harden your web server’s SSL/TLS ciphers.I recently worked with a customer who had security requi… Read More
Today I sit in another abandoned sector of the empire. The Capitol View Library not far off of the D.C. landmark, the Shrimp Boat. Shrimp Boat where nobody really eats, but everybody knows… Read More
I wrote an article here about TLS 1.2 which listed out the cipher suite used to negotiate security settings (encryption) between a client and server via a Network Monitor trace. You ca… Read More
It's often convenient to SSH into your Web App container. In this post, I'll walk you through all of the details of doing so step-by-step.
The steps here apply to both App Service on Linux a… Read More
Today, we are announcing .NET Core 3 Preview 1. It is the first public release of .NET Core 3. We have some exciting new features to share and would love your feedback. You can develop .NET… Read More
Who better to learn about digital signatures from? Art by Kyume
Let’s talk about digital signature algorithms.
Digital signature algorithms are one of the coolest ideas to come o… Read More
If you’re reading this wondering if you should stop using AES-GCM in some standard protocol (TLS 1.3), the short answer is “No, you’re fine”.
I specialize in secur… Read More
A question I get asked frequently is, “How did you learn cryptography?”
I could certainly tell everyone my history as a self-taught programmer who discovered cryptography when… Read More
There seems to be a lot of interest among software developers in the various cryptographic building blocks (block ciphers, hash functions, etc.), and more specifically how they stack up agai… Read More
Since the IETF’s CFRG decided to recommend OPAQUE as a next-generation Password Authenticated Key Exchange, there has been a lot of buzz in the cryptography community about committing… Read More
The cryptography and information security experts who read my blog probably wonder from time to time, “Why furries though?” which I’ve spent ample time answering and hopefu… Read More
As we look upon the sunset of a remarkably tiresome year, I thought it would be appropriate to talk about cryptographic wear-out.
What is cryptographic wear-out?
It’s the thresho… Read More
A few years ago, when the IETF’s Crypto Forum Research Group was deeply entrenched in debates about elliptic curves for security (which eventually culminated in RFC 7748 and RFC 8032)… Read More
Cryptographers and cryptography engineers love to talk about the latest attacks and how to mitigate them. LadderLeak breaks ECDSA with less than 1 bit of nonce leakage? Raccoon attack brings… Read More
Nick Sarre
Nationality: United States
Nick Sarre is a cryptography scholar, information security expert, and author. Proficient in the field of encryption algorithm and information security… Read More
If you follow me on Twitter, you probably already knew that I attended DEFCON 30 in Las Vegas.
If you were there in person, you probably also saw this particular nerd walking around:
T… Read More