Category Archives: Uncategorized
What is PFS and PCS?
A topic that is ultimatively important to understand the current discussions about secure and E2EE messaging is related to the different notions of secrecy. Assume some long-term keying material being compromised. What is the impact on the secrecy of the … Continue reading
“Off-the-record” (OTR) messaging
After the development and deployment of OpenPGP and S/MIME, it was commonly agreed that the secure messaging problem was solved, and that public key cryptography provides a viable solution: Digital signatures for authentication (and nonrepudiation) and digital envelopes for confidentiality … Continue reading
TLS 1.3
David Wong has created an animated TLS 1.3 specification that is more readable and accessible than the purely text-based RFC 8446.
TLS transcripts available for download
If you want to delve more deeply into the technical specificities and details of the TLS 1.2 and TLS 1.3 protocols, then you may consider downloading and analyzing two log files that have been captured with Wireshark (TLS12Handshake.pcapng for TLS … Continue reading
eSECURITY Academy
The 2019 program is available at esecurity.academy. There are several new courses and bootcamps on TLS 1.3, messaging security (including Signal and WhatsApp), cryptography, and cybersecurity.