🦞🌯 Lobster Roll

Thread

SHA-1 is a Shambles (sha-mbles.github.io)
L 50 pts 25 comments by fcbsd Jan 7, 2020 security thread

Stories related to "SHA-1 is a Shambles" across the full archive.

SSLShader - GPU-accelerated SSL Proxy (shader.kaist.edu)
L 2 pts 0 comments by inactive-user Aug 1, 2012 security Security / Privacy thread
Exploiting SHA-1-signed messages (journal.batard.info)
L 6 pts 0 comments by inactive-user Aug 26, 2012 security Security / Privacy thread
SHA-3 to Be Announced (schneier.com)
L 10 pts 0 comments by jcs Sep 24, 2012 security Security / Privacy thread
NIST Selects Winner of Secure Hash Algorithm (SHA-3) Competition (nist.gov)
L 7 pts 3 comments by inactive-user Oct 2, 2012 security Programming Languages / CS TheorySecurity / Privacy thread
Keccak: The New SHA-3 Encryption Standard (drdobbs.com)
L 6 pts 2 comments by sschaubs May 7, 2013 security Security / Privacy thread
Intel SHA Extensions for hardware offloading of SHA-1 and SHA-256 (software.intel.com)
L 5 pts 4 comments by jcs Jul 24, 2013 hardwaresecurity Security / PrivacyMaker / DIY / Hardware thread
What the heck is going on with NIST’s cryptographic standard, SHA-3? (cdt.org)
L 4 pts 0 comments by inactive-user Sep 27, 2013 security Security / Privacy thread
Why Android SSL was downgraded from AES256-SHA to RC4-MD5 in late 2010 (op-co.de)
L 4 pts 0 comments by journeysquid Oct 14, 2013 androidsecurity Security / Privacy thread
Microsoft Recommending Disabling RC4 and SHA1 (blogs.technet.com)
L 4 pts 1 comments by jcs Nov 12, 2013 securitywindows Security / Privacy thread
SHA1: http://blogs.technet.com/b/srd/archive/2013/11/12/security-advisory-2880823-recommendation-to-discontinue-use-of-sha-1.aspx
Sharking: High-Rollers in the Crosshairs (f-secure.com)
L 7 pts 0 comments by kway Dec 11, 2013 security Security / Privacy thread
The National Security Agency’s oversharing problem (arstechnica.com)
L 2 pts 0 comments by jm Dec 20, 2013 lawnewssecurity Security / PrivacyInternet / Digital Culture thread
Secure your rsync shares, please. (blog.steve.org.uk)
L 2 pts 0 comments by henkjan Feb 13, 2014 privacysecurity Security / Privacy thread
TLS Triple Handshakes (imperialviolet.org)
L 4 pts 0 comments by inactive-user Mar 3, 2014 security Security / Privacy thread
How Turtl has no idea when you're sharing copyrighted stuff (turtlapp.tumblr.com)
L 5 pts 1 comments by journeysquid Mar 31, 2014 privacysecurity Security / Privacy thread
Attack of the Week: [TLS] Triple Handshakes (3Shake) (blog.cryptographyengineering.com)
L 18 pts 0 comments by kbuck Apr 24, 2014 security Security / Privacy thread
SHA-256 certificates are coming (imperialviolet.org)
L 2 pts 0 comments by inactive-user May 14, 2014 security Security / Privacy thread
New algorithm shakes up cryptography (sciencedaily.com)
L 5 pts 2 comments by andrewcooke May 16, 2014 mathsecurity Programming Languages / CS TheorySecurity / PrivacyScience / Math / Physics thread
Anyone have more info? How does the small characteristic restriction affect things?
Malicious SHA-1 (malicioussha1.github.io)
L 11 pts 2 comments by inactive-user Aug 5, 2014 security Security / Privacy thread
Chromium: Gradually Sunsetting SHA-1 (blog.chromium.org)
L 6 pts 0 comments by journeysquid Sep 6, 2014 browserssecurity Web DevelopmentSecurity / Privacy thread
Hardware accelerated SHA-1 (straymindcough.blogspot.com)
L 3 pts 0 comments by haxor Jan 29, 2015 assemblysecurity Systems / Low-Level / OSSecurity / PrivacyMaker / DIY / Hardware thread
Decrypting TLS Browser Traffic With Wireshark - The Easy Way (jimshaver.net)
L 11 pts 0 comments by jcs Feb 12, 2015 security Web DevelopmentSecurity / Privacy thread
Delegation is the Cornerstone of Civilization: Sharing in Sandstorm.io (blog.sandstorm.io)
L 6 pts 0 comments by inactive-user May 5, 2015 security Security / PrivacyCulture / Philosophy / History / Reading thread
Designing a Secret Handshake: Authenticated Key Exchange as a Capability System (dominictarr.github.io)
L 4 pts 0 comments by dominic Jun 26, 2015 networkingpdfsecurity Data / Databases / InfrastructureSecurity / Privacy thread
Describes the design of a Authenticated Key Exchange for a secure-channel protocol
NIST Releases SHA-3 Cryptographic Hash Standard (nist.gov)
L 9 pts 7 comments by calvin Aug 10, 2015 mathsecurity Security / PrivacyScience / Math / Physics thread
A New Design for Cryptography’s Black Box (indistinguishability obfuscation) (quantamagazine.org)
L 2 pts 0 comments by craigstuntz Sep 10, 2015 compscimathprivacysecurity Programming Languages / CS TheorySecurity / PrivacyDesign / UX / VisualizationScience / Math / Physics thread
Proposal to allow SHA-1 certs to be issued through 2016 (cabforum.org)
L 6 pts 2 comments by twotwotwo Oct 2, 2015 security Security / Privacy thread
Via Patrick Donahue of CloudFlare, @prdonahue on Twitter. To pass, 2/3 of CAs and 1/2 of browser vendors in the CA/Browser forum must vote for; the browser vendors are Microsoft (proposer), Google, Apple, Mozilla, Opera, and a China-based company called Qihoo 360. Unclear if any members might ignore...
freestart collisions for SHA-1 (sites.google.com)
L 24 pts 10 comments by fcbsd Oct 8, 2015 security Security / Privacy thread
SHA-1 signatures are now considered unsafe.
SHA-1 Freestart Collision (schneier.com)
L 7 pts 0 comments by pushcx Oct 9, 2015 security Security / Privacy thread
Your Unhashable Fingerprints Secure Nothing (hackaday.com)
L 11 pts 1 comments by pushcx Nov 12, 2015 security Security / Privacy thread
Faking the TCP handshake (lgms.nl)
L 11 pts 0 comments by journeysquid Nov 30, 2015 networkingsecurity Data / Databases / InfrastructureSecurity / Privacy thread