Category Archives: Web Security

Logjam: How to Solve a Newly Discovered Vulnerability

From the discovery and description of Heartbleed vulnerability, more and more concepts of attacks on SSL/TLS protocol and related cryptography have been appearing regularly. This article focuses on the latest described vulnerability Logjam, which is related to weak keys in Diffie-Hellman key-exchange (further just DHE and DH). The Diffie-Hellman Key-Exchange Protocol The DH protocol is… Read More »

Certificate Transparency – Protection from Google

(20. 4. 2015) Certificate Transparency (further CT) is a function which increases the credibility of certificates. We wrote about it in November. You will find the theory in the article Certificate Transparency and Public Key Pinning. Today we are going to take a closer look at CT, especially its practical side and behaviour in Google Chrome browser.… Read More »