Category Archives: Uncategorized

What is PFS and PCS?

A topic that is ultimatively important to understand the current discussions about secure and E2EE messaging is related to the different notions of secrecy. Assume some long-term keying material being compromised. What is the impact on the secrecy of the … Continue reading

Posted in Uncategorized | Leave a comment

“Off-the-record” (OTR) messaging

After the development and deployment of OpenPGP and S/MIME, it was commonly agreed that the secure messaging problem was solved, and that public key cryptography provides a viable solution: Digital signatures for authentication (and nonrepudiation) and digital envelopes for confidentiality … Continue reading

Posted in Uncategorized | Leave a comment

TLS 1.3

David Wong has created an animated TLS 1.3 specification that is more readable and accessible than the purely text-based RFC 8446.

Posted in Uncategorized | Leave a comment

TLS transcripts available for download

If you want to delve more deeply into the technical specificities and details of the TLS 1.2 and TLS 1.3 protocols, then you may consider downloading and analyzing two log files that have been captured with Wireshark (TLS12Handshake.pcapng for TLS … Continue reading

Posted in Uncategorized | Leave a comment

eSECURITY Academy

The 2019 program is available at esecurity.academy. There are several new courses and bootcamps on TLS 1.3, messaging security (including Signal and WhatsApp), cryptography, and cybersecurity.

Posted in Uncategorized | Leave a comment

Welcome to my eSECURITY Blog

Posted in Uncategorized | Leave a comment