December 11, 2017
Today Hanno Böck, Juraj Somorovsky and Craig Young announced details of new work testing TLS implementations in the wild for Bleichenbacher's attack on RSA PKCS#1 v1.5 encryption.
June 29, 2017
An interesting paper at the recent IEEE Security & Privacy symposium describes a usability study of Python crypto APIs. Participants with varying degrees of Python experience were given crypto programming tasks for which they had to use a given API (cryptography.io, Keyczar, PyNaCl, M2Crypto or PyCrypto).
February 23, 2017
Today Google announced the first public full SHA-1 collision, i.e. the first pair of distinct inputs that produce the same digest when hashed with SHA-1. This should not come as a surprise: it follows the free-start collisions announced at the end of 2015, and many cryptographers had been anticipating full SHA-1 collisions imminently.
July 19, 2016
In collaboration with the University of Venice Ca' Foscari, we've been researching the protocols smartcards and authentication tokens use to communicate underneath the PKCS#11 API that's exposed to applications. These protocols tend to be quite different for each device.
March 1, 2016
Today sees the public release of details of DROWN, another "full-stack" crypto vulnerability in TLS. It combines new mathematical insights into the Bleichenbacher attack on PKCS#1 v1.5 encryption, implementation bugs, failure to disable old protocol versions, and real-world measurement data from Internet-wide scans showing that DROWN affects as many as 35% of HTTPS servers.
February 11, 2016
Welcome to the Golden Age of Applied Crypto Research
The year 2015 saw the publication of an unprecedented number of practical attacks on real cryptographic systems. Attacks like FREAK and Logjam, which combine model-based testing of crypto code with state-of-the-art numerical algorithms for cryptanalysis, give a taste of the capabilities available to sophisticated adversaries.
November 23, 2015
Recent news about the discovery of free-start collisions for the SHA-1 hash function has attracted plenty of attention. But what does this mean for the security of SHA-1, and what should you do if you're using it?
May 1, 2015
Growth in cloud computing, smartphone use and interconnected devices means that even more of our private data is now at risk from attackers. Cryptography is increasingly being used to secure this data; however, it is notoriously hard to implement correctly.
June 19, 2014
A video of my recent talk at QCon London on crypto API security, How I Learned to Stop Worrying and Trust Crypto Again, is now online. Questions and feedback welcome.
June 13, 2014
The 7th Workshop on Analysis of Security APIs will be held at Vienna University of Technology, Austria, on 18th July 2014 as part of the Vienna Summer of Logic. The programme includes talks on low-cost HSMs made from smartcard chips, secure device enrolment, smart API fuzzing and a banking security wishlist. We'd be delighted to see you there; register via the VSL registration page and select "FLoC and Associated Workshops Week 2".