Posted in Security Software

Elliptic Curve Cryptography: computing shared key

Elliptic Curve Cryptography: computing shared key

If Alice and Bob want to exchange encrypted messages, they need to first agree on a Key. This shared key (also known as symmetric key) will be used to by both parties to encrypt messages. There are many ways of arriving at the shared key (including the old fashioned ... read more

Continue Reading...
Posted in Security Software

Perils of Unreachable Code — was it deliberate?

There is no substitute for detailed code reviews, more so if the code is related to security. Any changes to such code, however minor, should be reviewed. However, in addition, it also helps if the compiler, tools etc can help in flagging potential errors.

Take the case of the very serious security error in ... read more

Continue Reading...
Posted in Security Software World

Security, Privacy and Post-it notes: what to make of the recent revelations

If you work in the computer security area, it is like drinking from the fire hose, what with the daily revelations about snooping and spying by the NSA. So much to talk, write and discuss. Comedians (and their writers) get excited when interesting politicians become newsmakers, as it makes their jobs much easier and more ... read more

Continue Reading...
Posted in Security Software

lastpass is even better with 2-factor authentication — Google Authenticator

If you are not using lastpass to manage your passwords, you should. I had written some blog articles on lastpass. Now lastpass has added support for using Google Authenticator as the second factor in multi-factor authentication. The first factor in the 2-factor authentication is “what you know” which is a password — the ... read more

Continue Reading...