recentpopularlog in


« earlier   
Towards A Safer Footgun |
Modern symmetric encryption is built around Authenticated Encryption with Associated Data (AEAD) constructions: combinations of ciphers and message authentication codes which provide strong guarantees of both confidentiality and integrity. These constructions avoid the “doom principle” which made so many older cryptosystems vulnerable to online attacks, but many of the standard AEAD constructions have problems of their own.
What’s an AEAD?

An AEAD is essentially a pair of functions:...
encryption  cryptography  security 
yesterday by hellsten
An Exclusive Look at How AI and Machine Learning Work at Apple
Three years earlier, Apple had been the first major tech company to integrate a smart assistant into its operating system. Siri was the company’s adaptation of a standalone app it had purchased, along with the team that created it, in 2010. Initial reviews were ecstatic, but over the next few months and years, users became impatient with its shortcomings. All too often, it erroneously interpreted commands. Tweaks wouldn’t fix it.
cryptography  security  science  ml 
2 days ago by vancura
Read Practical Cryptography With Go | Leanpub
This is a book about cryptography: how to communicate securely. There are several objectives that cryptography aims to solve: confidentiality, integrity, and authenticity. It also helps solve some other problems that come up in secure communications, but it’s important to remember that it isn’t a complete solution to security problems. In this book, we’ll look at how to build secure systems; some of the problems that cryptography does not solve will also be pointed out. This book will attempt to guide you in your attempt to understand how to use cryptography to secure your services, and illustrate it using the Go programming language.
go  golang  cryptography  security  programming  books  ebooks 
2 days ago by dlkinney
Have I been pwnd? Password and intrusion targets - Troy Hunt
"[Troy Hunt] created HIBP as a free resource for anyone to quickly assess if they may have been put at risk due to an online account of theirs having been compromised or "pwned" in a data breach. I wanted to keep it dead simple to use and entirely free so that it could be of maximum benefit to the community.

"Short of the odd donation, all costs for building, running and keeping the service currently come directly out of [his] own pocket. Fortunately, today's modern cloud services like Microsoft Azure make it possible to do this without breaking the bank!"

Pwned Passwords

Pwned Passwords are 551,509,767 real world passwords previously exposed in data breaches. This exposure makes them unsuitable for ongoing use as they're at much greater risk of being used to take over other accounts. They're searchable online below as well as being downloadable for use in other online system.
security  password  encryption  login  search  HIBP  cryptography  EMail  data  breach  hash  rainbow 
2 days ago by Tonti
SHA1 Salted Hashing & Password Storage
"Salted SHA is near useless: Sorry to be the bearer of bad news (actually, one of many bearers), but the ease, speed and price with which salted SHA can be cracked for the vast majority of passwords is just too simple.

Use an adaptive hashing algorithm: You have numerous options, some of which have been discussed here. Choose one – with appropriate care.

Strike a balance between speed and performance: Slower algorithms increase computing overhead so tailor the work factor to suit both the capability of the infrastructure and the volume of the audience."
security  password  hash  salt  SHA  cryptography  login  rainbow  table  crack  hack  GPU  Moore's  Law  Moore 
2 days ago by Tonti
Modular conversion, encoding and encryption online — Cryptii
Web app offering modular conversion, encoding and encryption online. Translations are done in the browser without any server interaction. This is an Open Source project, code licensed MIT.
Crypto  cryptography  MIT  Project  Encrypt  Enigma  Machine  Online 
2 days ago by smitchell
Chess Steganography
This is a tool to encode/decode data in chess games. It first encodes the input data as a bignum, and then encodes the bignum in the move choices in the chess game. The "without blunders" mode uses p4wn to try to avoid playing bad moves. This mode is less likely to arouse suspicion among actual chess players, but results in longer games.
chess  crypto  cryptography  steganography 
7 days ago by kybernetikos

Copy this bookmark:

to read