SEARCH RESULTS
 
Showing 1-8 of 8 records
1
 
Expand article

Skein and SHA-3 News

2008-11-19 06:14:48 by schneier in Schneier on Security
 
There are two bugs in the Skein code. They are subtle and esoteric, but they're there. We have revised both the reference and optimized code -- and provided new test vectors -- on the Skein website . A revision of the paper -- Version 1.1 -- has new IVs, new test vectors, and also fixes a few typos in the paper. Errata: Version 1.1 of the paper,...
 
Tags: skein, skein-1024, skein-512, skein express surprise, skein website, skein code, submissions share, submissions, code
 
 
 
 
Expand article

What Does SHA1 is Broken Mean?

2007-12-12 07:35:00 by Eric Marvets in The Security Samurai
 
For those of you Slashdot readers out there, you may have heard by now that SHA1 is broken. Recently I did some security videos for Microsoft, and decided that SHA1 was the best hash function for the example (modifying an existing application to store hashed passwords The videos I did were part of the How Do I series, and not exactly the place...
 
Tags: sha1, choose sha1, sha1 protects, hash data, data, sha1 drops, hash function, hash, function
 
 
 
 
Expand article

"Crawling" Toward SDL

2008-03-06 22:13:00 by sdl in The Security Development Lifecycle
 
Hey everyone, Jeremy Dallman here One of the phrases I often hear during vision and strategy planning meetings at Microsoft is "What is the crawl, walk, run?" We use this phrase to differentiate the initial activities that will get us quickly moving toward our larger goals and then supplement them with other activities that may require longer...
 
Tags: sdl, security, perform security analysis, application security, application, applications security, security issues, issues, non-microsoft sdl engagements
 
 
 
 
Expand article

Got Entropy ?

2008-04-02 02:55:47 by Erik T. Heidt in Art of Information Security
 
So I have been planning a series of podcasts on Cryptographic Controls. In the process of this planning, I fell into one of the classic traps that crypto-geeks fall into: obsessing about random number generators (RNGs FYI, for the impatient, click here There are two ways to generate random numbers on computers: (1) use a software program called...
 
Tags: entropy, random, 32-byte random, byte, hardware random, entropy sources, sequence, random sequence, pull entropy
 
 
 
 
Expand article

Bull crams crypto chips into bootable USB hard disk drive

2008-04-18 13:00:00 by Editor in Computerworld Security News
 
French IT company Bull has fitted a portable hard drive with a cryptographic processor capable of scrambling data on the fly at 100Mbit/sec. using AES-256 encryption
 
Tags: cryptographic processor capable, portable hard drive, company bull, aes-256 encryption, french, 100mbitsec, data
 
 
 
 
Expand article

Improve Security with "A Layer of Hurt"

2008-07-31 19:13:00 by sdl in The Security Development Lifecycle
 
Hello, Michael here I got a lot of interesting comments from my TechEd 2008 presentation entitled, "How To Review Your Code And Test For Security Bugs," but the most comments and questions were reserved for fuzz testing; I was blown away by the number of people who thought fuzz testing was hard, or that you only left fuzz testing to leet...
 
Tags: layer, code layer, code, decent code coverage, fuzz, void fuzz, ifdef fuzz, code examples, perform fuzz
 
 
 
 
Expand article

Cisco 7600 OSR Backbone Router

The Article has images
2008-09-06 11:25:02 by Tim Bass in The Complex Event Processing Blog
For our confused CEO blogger over at StreamBase, who thinks an Internetbackbone router is the small $30 device he set up in his home office, here is a photo of a the Cisco 7600 OSR which of course runs CISCO IOS The Cisco 7600 OSR consists of a 256 Gbps switching fabric and a 30 million packets per second (mpps) forwarding engine. Its breadth...
 
Tags: cisco, cisco flexwan module, osr, runs cisco ios, base cisco, cisco ios, services, destination sensitive services, osr system
 
 
 
 
Expand article

America's Next Top Hash Function Begins

2008-11-20 02:00:00 by Bruce Schneier in Wired Security
 
You might not have realized it, but the next great battle of cryptography began this month. It's not a political battle over export laws or key escrow or NSA eavesdropping, but an academic battle over who gets to be the creator of the next hash standard Hash functions are the most commonly used cryptographic primitive, and the most poorly...
 
Tags: hash function, sha, sha-3, algorithms, cool algorithms, sha family, nist held, unlike encryption algorithms, nist
 
 
 
 
 
Showing 1-8 of 8 records
1
 
RELATED VIDEO
Expand / Minimize
SecurityRatty FAQ
Sergey Zarubin, 31yo
CISSP, CCSP
Moscow, Russia