Author Archives: Rolf
Is Post-Quantum Cryptography (PQC) used in the field?
As of this writing, there are a few early adopters who have already implemented and rolled out Kyber-enhanced hybrid PQC, such as Signal with its post-quantum extended Diffie-Hellman (PQXDH), Apple with PQ3 for iMessage, Google with respective cipher suites …
Is it possible to have Wireshark decrypt SSL/TLS traffic?
When SSL/TLS is in use, Wireshark only sees encrypted data by default. This is a problem if one wants to use Wireshark to inspect and view an SSL/TLS handshake protocol transcript. To make SSL/TLS traffic accessible to Wireshark, it is …
What is GCM and how does it work?
Galois/Counter Mode (GCM) is a standardized mode of operation for a block cipher that provides authenticated encryption with associated data (AEAD). As such, it has many applications in the field – especially when combined with the Advanced Encryption Standard (AES). …
What is Keccak and SHA-3?
Keccak is a cryptographic hash function that was submitted to the respective NIST competition in 2007. It won the competition and finally became the SHA-3 standard in 2012. As such, it nicely complements SHA-2 and is specified in FIPS PUB …
Why is Key Commitment relevant in Authenticated Encryption?
In a recent ePrint report, Ange Albertini et al. point out a subtle problem that is also relevant for authenticated encryption and AE(AD) ciphers: There are file formats that are not mutually exclusive in the sense that the content of …
How do Renegotiation and Triple Handshake Attacks work in TLS?
Both attacks are man-in-the-middle (MITM) attacks, in which an adversary – acting as a MITM – tries to inject data before the client is properly authenticated. This data is then passed to the application together with the data …
What is Salsa20 and ChaCha20?
Salsa20 is a new variable-round stream cipher developed by Dan Bernstein in 2005. It is used in many Internet applications as a replacement for RC4, which has been shown to have statistical defects. ChaCha20 is a modified version of Salsa20 …
CALL FOR QUESTIONS
Please, leave your question as a comment to this post or e-mail it to cryptolog@esecurity.ch. In either case, your question is highly appreciated.