birthday attack – WindowsTechs.com

Can KDF mitigate rekeying requirement for XTS?

Posted on April 17, 2020 by Elazar Leibovich

In NIST-800-57-1 it is implied that a key derived from a KDF, is as good as a key derived from a real CSPRNG, in 8.2.4(2):

If the keyderivation key is known by an adversary, he can generate any
of the derived keys. Therefore, keys de… Continue reading Can KDF mitigate rekeying requirement for XTS?→

HTTPS and OpenVPN face new attack that can decrypt secret cookies

Posted on August 24, 2016 by Dan Goodin

More than 600 sites found to be vulnerable to demanding exploit called Sweet32. Continue reading HTTPS and OpenVPN face new attack that can decrypt secret cookies→

New Collision Attacks Against 3DES, Blowfish Allow for Cookie Decryption

Posted on August 24, 2016 by Michael Mimoso

Researchers have found a new way to recover and decrypt authentication cookies from 3DES and Blowfish protected traffic. In response, OpenSSL is expected to deprecate 3DES’ designation from high to medium. Continue reading New Collision Attacks Against 3DES, Blowfish Allow for Cookie Decryption→