May 7, 2020

ANSSI TLS recommendations v1.2 in Cryptosense Discovery

Our cryptography service discovery site discovery.cryptosense.com detects servers under a given domain name and runs SSH and TLS scanners against each of them. The results are checked against best practices carefully defined by Cryptosense. You can also choose to check your results against other widely known standards: ECRYPT and NIST.

Cryptosense Discovery now provides a new standard, “ANSSI”, based on the recent new version of the security recommendations for TLS by ANSSI, the French government cybersecurity agency.

Why would I care about recommendations from ANSSI?

Broadly speaking, ANSSI is the French equivalent of NIST, and their recommendations are usually meant for French OIVs (Opérateur d’importance vitale – companies and agencies considered vital for the French economy and the security of the state), and anyone who wants to supply technology to the French government.

However, even if you are outside those categories, the ANSSI have real experience of state-level actor attack capabilities, so it’s interesting to see what they recommend.

Continue reading →

August 1, 2019

New cryptography in .NET Core 3.0

What’s the difference between cryptography in .NET Framework and .NET Core?

A large part of the .NET APIs are common to both .NET Core and .NET Framework. Microsoft even released the .NET Standard, a subset of .NET APIs provided by all .NET implementations, to simplify things for cross-implementation developers. However, there are still significant differences between Core and Framework, and cryptography is one of them.

Continue reading →