Acerca de la seguridad real de las claves de 1920 bits

En Febrero de 2017 se reportó la vulnerabilidad conocida como Return of Coppersmith’s Attack (ROCA) con CVE-2017-15361 y que afectó entre otros dispositivos a una gran cantidad de DNIs electrónicos con chip gemalto. La solución aplicada en el caso de los DNIs fue revocar (impedir uso futuro) las claves afectadas y expedir nuevas claves de […]

Continue reading

Some notes on cipher choices and TLS1.3

After some discussion about TLS1.3 and ciphers with a few colleagues, I have decided to write a short summary of “the basics” you need to know as a developer. Here I will also explain shortly a bit which niche each of the 5 ciphers aims for and what the hash function they contain is actually […]

Continue reading

Using secure pseudonymous identifiers to protect identification numbers

By now you probably have read of the Equifax data leakage. This reminded me of the idea of secure pseudonymous identifiers I had been thinking on for some time. Secure pseudonymous identifiers make use of cryptography to make it hard or impossible to recover the original identifiers representing a specific person. To be sincere, I […]

Continue reading