Collaborate Disseminate
I’m implementing an ElGamal encryption system for academic purposes but I am not sure of the latest recommendations, standards and state of the art literature about this. Note that my system is already implemented and fully working, I only… Continue reading ElGamal and discrete logarithm cryptography, modern standards and state of the art literature
I’m probably as guilty as anyone of reinventing the wheel for a subpart of a project. Heck, sometimes I just feel like working on a wheel design. But if that’s …read more Continue reading Make it Compatible
To my knowledge, there’s no common standard for sysadmins to publish trusted domains for specific use cases.
If it exists, I would presume that this might limit phishing attacks. Think of my question here as an extension of SPF/DMARC/DKIM,… Continue reading Is there a standard for fencing email domains to specific use cases?
Working on the architecture of automotive OTA security, and can find any security compliance requirement for it but R155.
Does anyone knowing if there are specific requirement for secure update? like requirement for key rotation and HSM.
… Continue reading Are there any security compliance policy or standard for OTA? [closed]
I have heard several conversations done with Klaus Schwab, the founder of the World Economic Forum.
He often talks on the dire need in a "Cyber security standardization" (between states).
What is it? What are the features/paramet… Continue reading What are these "cyber security standards" Klaus Schwab is talking about? [closed]
From the spec at https://www.w3.org/TR/permissions-policy-1/ it seems there is no way to whitelist features with a default blacklist, and each feature must be individually disabled in every single request – adding a few Kb to every complet… Continue reading Is HTTP header Permissions-Policy worth using if no features are used?
The PCI Security Standards Council (PCI SSC) announced the availability of the PCI Card Production and Provisioning Security Requirements version 3.0. The updated standard helps payment card vendors secure the components and sensitive data involved in … Continue reading PCI SSC updates card security standards to secure the card production process
Technology moves quickly these days as consumers continue to demand more data and more pixels. We see regular updates to standards for USB and RAM continually coming down the pipeline …read more Continue reading The Label Says HDMI 2.1 But That Doesn’t Mean You’ll Get It
I have a client who does payroll and taxes and is looking for a web app to easily communicate and transfer tax related documents for clients. I would assume that the IRS or someone would have some standard on how this type of data should b… Continue reading Security requirements for small tax software business
Today I read this blog entry by Yubico regarding Asynchronous Remote Key Generation. This proposal solves, in my view, the largest outstanding problem in the widescale adoption of challenge-response hardware authentication keys.
Some backg… Continue reading Status of Asynchronous Remote Key Generation in the developing WebAuthn standard?