-
Software Development
Easter Hack: Even More Critical Bugs in SSL/TLS Implementations
It’s been some time since my last blog post – time for writing is rare. But today, I’m very happy…
Read More » -
Core Java
How to use ECC with OpenJDK
Everyone who ever tried to use Elliptic Curve Cryptography (ECC) in Java with an OpenJDK was either forced to use…
Read More » -
Core Java
Safely Create and Store Passwords
Nearly every time when it comes to user profiles it is necessary to manage user credentials and thus be able…
Read More » -
Enterprise Java
Browser-based Key Generation and interaction with the Browser’s Key/Certificate Store
Imagine the following scenario: You need to get a key (in the asymmetric case the user’s public key) from a…
Read More » -
Core Java
Weaknesses in Java Pseudo Random Number Generators (PRNGs)
This will be a sum up of a Paper written by Kai Michaelis, Jörg Schwenk and me, which was presented…
Read More » -
Software Development
A brief chronology of SSL/TLS attacks
I haven’t had a substantial post for quite a long time, so it’s time for something useful and interesting. Although…
Read More » -
Core Java
Hash Length Extension Attacks
In this post I will try to leave the summer slump behind and focus on more interesting things than complaining…
Read More » -
Software Development
How to deal with {conservative, intractable, annoying} APIs
Have you ever been fighting with an, at least for your current purpose, inflexible API? I picked up one of…
Read More » -
Core Java
Using the final keyword on method parameters
After some own confusion which specific meaning final declared method parameters have this blog entry will try to clarify this.…
Read More »
- 1
- 2