Latest News
Read all latest blog posts
SLUBStick risk assessment for embedded systems
SLUBStick risk assessment for embedded systems The Linux kernel is susceptible to memory safety vulnerabilities due to its size and complexity.
Read MoreWhat every CISO and security engineer should know about Intel CSME
Background The majority of infosec community are trying to ignore the risks below the OS in past decades but it’s impossible to bury all of them at low cost today.
Read MoreVaultHSM report: The way to confirm whether the Smart Card (J3H145) supports RFC-6979 ECDSA implementation
Background The original implementation of DSA-type signature algorithm (including ECDSA) needs a random number which belongs to the same mathematical object of the private key (an element of GF(p), in which p is a prime number).
Read MorePublic crypto audit report: lurch/OMEMO
lurch/OMEMO Security Assessment Crypto is a neutral technology just like the natural existence (“For he makes his sun rise on the evil and on the good, and sends rain on the just and on the unjust.
Read MoreVault1317 protocol: a modern approach for metadata protection with deniability
vault1317/signal-dakez: An authenticated key exchange protocol with a public key concealing and a participation deniability designed for secure messaging Richard B.
Read More