Latest News

Read all latest blog posts

SLUBStick risk assessment for embedded systems
August 25, 2024

SLUBStick risk assessment for embedded systems

SLUBStick risk assessment for embedded systems The Linux kernel is susceptible to memory safety vulnerabilities due to its size and complexity.

Read More
What every CISO and security engineer should know about Intel CSME
July 16, 2021

What every CISO and security engineer should know about Intel CSME

Background The majority of infosec community are trying to ignore the risks below the OS in past decades but it’s impossible to bury all of them at low cost today.

Read More
VaultHSM report: The way to confirm whether the Smart Card (J3H145) supports RFC-6979 ECDSA implementation
July 7, 2021

VaultHSM report: The way to confirm whether the Smart Card (J3H145) supports RFC-6979 ECDSA implementation

Background The original implementation of DSA-type signature algorithm (including ECDSA) needs a random number which belongs to the same mathematical object of the private key (an element of GF(p), in which p is a prime number).

Read More
Public crypto audit report: lurch/OMEMO
June 17, 2021

Public crypto audit report: lurch/OMEMO

lurch/OMEMO Security Assessment Crypto is a neutral technology just like the natural existence (“For he makes his sun rise on the evil and on the good, and sends rain on the just and on the unjust.

Read More
Vault1317 protocol: a modern approach for metadata protection with deniability
June 2, 2021

Vault1317 protocol: a modern approach for metadata protection with deniability

vault1317/signal-dakez: An authenticated key exchange protocol with a public key concealing and a participation deniability designed for secure messaging Richard B.

Read More