{"id":1148,"date":"2012-10-27T22:57:35","date_gmt":"2012-10-27T20:57:35","guid":{"rendered":"http:\/\/cerezo.name\/blog\/?p=1148"},"modified":"2024-10-14T13:48:41","modified_gmt":"2024-10-14T11:48:41","slug":"assorted-links-compsec","status":"publish","type":"post","link":"http:\/\/cerezo.name\/blog\/2012\/10\/27\/assorted-links-compsec\/","title":{"rendered":"Assorted Links (CompSec)"},"content":{"rendered":"<ol>\n<li style=\"list-style-type: none;\">\n<ol>\n<li style=\"text-align: justify;\"><a href=\"https:\/\/crypto.stanford.edu\/%7Edabo\/pubs\/abstracts\/ssl-client-bugs.html\" target=\"_blank\" rel=\"noopener\">The most dangerous code in the world: validating <span class=\"caps\">SSL<\/span> certificates in non-browser software<\/a>. Yet another round of broken implementations of the <span class=\"caps\">SSL<\/span> protocol.<\/li>\n<li style=\"text-align: justify;\"><a href=\"http:\/\/www.cs.unc.edu\/~reiter\/papers\/2012\/CCS.pdf\" target=\"_blank\" rel=\"noopener\" class=\"broken_link\">Cross-VM Side Channels and Their Use to Extract Private Keys<\/a>: first practical proof that we shall not run <span class=\"caps\">SSL<\/span> servers or any cryptographic software in a public cloud.<\/li>\n<li style=\"text-align: justify;\"><a href=\"http:\/\/www.wired.com\/threatlevel\/2012\/10\/dkim-vulnerability-widespread\/\" target=\"_blank\" rel=\"noopener\" class=\"broken_link\">Short keys used on <span class=\"caps\">DKIM<\/span><\/a>: the strange case of the race to use the shortest <span class=\"caps\">RSA<\/span>&nbsp;keys.<\/li>\n<li style=\"text-align: justify;\"><a href=\"http:\/\/eprint.iacr.org\/2012\/601\" target=\"_blank\" rel=\"noopener\">How to Garble <span class=\"caps\">RAM<\/span> Programs<\/a>: Yao\u2019s garbled circuits may turn to be practical.<\/li>\n<li style=\"text-align: justify;\"><a href=\"http:\/\/accumulo.apache.org\/\" target=\"_blank\" rel=\"noopener\">Apache Accumulo<\/a>: NSA\u2019s secure BigTable.<\/li>\n<\/ol>\n<\/li>\n<\/ol>\n","protected":false},"excerpt":{"rendered":"<p>The most dangerous code in the world: validating <span class=\"caps\">SSL<\/span> certificates in non-browser software. Yet another round of broken implementations of the <span class=\"caps\">SSL<\/span> protocol. Cross-VM Side Channels and Their Use to Extract Private Keys: first practical proof that we shall not run <span class=\"caps\">SSL<\/span> servers or any cryptographic software in a public cloud. Short keys used&nbsp;on&nbsp;[\u2026]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"open","sticky":false,"template":"","format":"standard","meta":{"wp_typography_post_enhancements_disabled":false,"ngg_post_thumbnail":0},"categories":[6,16,18],"tags":[],"_links":{"self":[{"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/posts\/1148"}],"collection":[{"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/comments?post=1148"}],"version-history":[{"count":4,"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/posts\/1148\/revisions"}],"predecessor-version":[{"id":1573,"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/posts\/1148\/revisions\/1573"}],"wp:attachment":[{"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/media?parent=1148"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/categories?post=1148"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/cerezo.name\/blog\/wp-json\/wp\/v2\/tags?post=1148"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}