SEARCH RESULTS
 
Showing 1-10 of 97 records
 
A cryptographic hash function reading guide

2007-11-23 16:01:18 by George Danezis in Light Blue Touchpaper
 
...functions, as teams with candidate hash algorithms will bitterly try to find flaws in each other's proposals to ensure that their function becomes SHA-3. To fully appreciate the details of this competition, some of us may want a quick refresher on how to build secure hash function. Here is a list of on-line resources for catching up with the...
 
 
 
 
 
More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle
 
...functions are implemented incorrectly, based on weak algorithms with known flaws, or used in an ineffective or insecure manner. Of particular concern is the fact that virtually all cryptographic key material is permanently hardcoded in the system (and is apparently identical in all Sequoia hardware shipped to different jurisdictions). Software...
 
 
 
 
 
Good hygiene and Banned APIs

2008-10-22 22:08:00 by sdl in The Security Development Lifecycle
 
...functions that lead to buffer overrun flaws and have been deprecated. In the Security Development Lifecycle book, an entire chapter is dedicated to the topic of banned function calls. In the book, we also provide a copy of the banned.h header file on the companion CD. This header file allows you to locate any banned functions in your code. On...
 
 
 
 
 
America's Next Top Hash Function Begins

2008-11-20 02:00:00 by Bruce Schneier in Wired Security
 
...functions are the most commonly used cryptographic primitive, and the most poorly understood. You can think of them as fingerprint functions: They take an arbitrary long data stream and return a fixed length, and effectively unique, string. The security comes from the fact that while it's easy to generate the fingerprint from a file, it's...
 
 
 
 
 
The Skein Hash Function

2008-10-29 04:35:29 by schneier in Schneier on Security
 
...functions, which have been increasingly under attack. (I wrote about an early NIST hash workshop here.) Skein is our submission (myself and seven others: Niels Ferguson, Stefan Lucks, Doug Whiting, Mihir Bellare, Tadayoshi Kohno, Jon Callas, and Jesse Walker). Here's the paper: Executive Summary Skein is a new family of cryptographic...
 
 
 
 
 
RIP Cisco PIX

2008-02-06 06:46:31 by HASH0x8bc6004 in StillSecure, After All These Years
...functions. I think that is true for both the mid-market and the enterprise market. What happens is after they buy the UTM and set up either the firewall or IPS or what have you, geek nature takes over. They can't help themselves but to experiment and tinker and see what the other functions can do and how they work. If these other functions...
 
 
 
 
 
RIP Cisco PIX

2008-02-06 07:00:00 by ashimmy in StillSecure, After All These Years
...functions. I think that is true for both the mid-market and the enterprise market. What happens is after they buy the UTM and set up either the firewall or IPS or what have you, geek nature takes over. They can't help themselves but to experiment and tinker and see what the other functions can do and how they work. If these other functions...
 
 
 
 
 
Banning function calls, assurance, and retrofitting

2008-03-18 19:48:00 by Security Retentive in Security Retentive
 
...functions defined. The list includes the standard cast such as scanf, strcpy, strcat, etc. On top of that though they add some things that didn't make Microsoft's list; for example, rand. I don't technically have a problem with including rand() in the list of things to be extremely careful about, but whereas it is nearly impossible to...
 
 
 
 
 
Know the Difference Between a NAC Client and a 1X Supplicant

2008-06-05 17:01:00 by JJ in Security Uncorked
 
...functions such as host enforcement or it may serve as an encryption termination point for IPSec tunnels created between the endpoint and a firewall, for example. I'm sure we'll be seeing more and more bells and whistles added to the NAC Clients as time goes by. 802.1X Supplicant. An 802.1X supplicant is a different creature altogether. First...
 
 
 
 
 
Relentless Reflection - What it Means in Risk Management

2008-08-26 17:55:40 by Alex in