Daily Archives: 27/10/2012

Assorted Links (CompSec)

Leave a reply
    1. The most dangerous code in the world: validating SSL certificates in non-browser software. Yet another round of broken implementations of the SSL protocol.
    2. Cross-VM Side Channels and Their Use to Extract Private Keys: first practical proof that we shall not run SSL servers or any cryptographic software in a public cloud.
    3. Short keys used on DKIM: the strange case of the race to use the shortest RSA keys.
    4. How to Garble RAM Programs: Yao’s garbled circuits may turn to be practical.
    5. Apache Accumulo: NSA’s secure BigTable.