Posted in Languages Security Software

Web Assembly in a browser and beyond — Crypto Example

Web Assembly

  • is a low level portable binary format (bytecode) for a stack-based virtual machine

  • is a W3C web standard, that runs in a sandbox, on all major browsers

  • runs nearly as fast as native machine code, and enables high performance applications on the Web

  • language, hardware and platform independent (unlike Java applets and

... read more
Continue Reading...
Posted in Security

2017 Security Recap

Cryptographers and Security Researchers have a penchant for coming up with colorful acronyms and names which describe, in brief, the vulnerability or exposure. Some are them are BEAST, CRIME, ShellShock, SLOTH, POODLE, Lucky 13, Sweet32, Smurf, Petya, BlackNurse, FREAK, DROWN, BREACH, LOGJAM, HeartBleed, CloudBleed, TicketBleed, Fireball, CLOAK and DAGGER, WANNACRY, SambaCry, HIDDEN COBRA, BroadPwn, Blueborne, ... read more

Continue Reading...
Posted in Security World

First SHA-1 collision, birthday paradox, should you rehash your will?

One of the most important properties of a cryptographic hash function is that of “Strong collision-resistance“, that is, it should be “computationally infeasible” to find distinct inputs x, x’ such that hash(x) = hash(x’).

For the SHA-1 hash function, which generates a 160 bit hash, to have strong collision resistance, only ... read more

Continue Reading...
Posted in Security Software

Not so Uber security

I am a happy customer of Ola. I decided to try Uber. I installed the Uber app on my wife’s Android mobile and tried to register with her email address and got the message “Email address already in use“. I don’t recall registering with Uber and thought that my wife had done so. ... read more

Continue Reading...