Speaking at ICMC 2018

I am thrilled to announce that I will be speaking at the International Cryptographic Module Conference in Ottawa.  I along […]

ROBOT Attacks TLS_RSA ciphers

A nearly twenty year old vulnerability in SSL using RSA for encryption has been retooled to exploit current implementations of […]

Recommended TLS Ciphers

Use: TLS v1.1 and 1.2 Avoid: TLSv1.0 or lower or SSLv3 or lower TLS Recommended Ciphers: TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 as defined in […]

ISO 27001 and Common Criteria

How does Common Criteria relate to ISO 27001?  ISO 27001:2013 is a standard that covers a company’s Information Security Management […]

SSH Algorithms to Use

For SSHv2 key exchange: Recommended: diffie-hellmann-group14-sha1 (2048 bit) for SSH key exchange Allowed:  ecdh-sha2-nistp256, ecdh-sha2-nistp384, and ecdh-sha2-nistp521 Avoid: diffie-hellman-group1-sha1 (768 bit),diffie-hellman-group2-sha1 […]

IPsec Algorithms

Use: AES-CTR-128, AES-CTR-256, AES-GCM-128, AES-GCM-256 Avoid: AES-CBC-128, AES-CBC-256 IKEv1 Phase 1 exchanges use only main mode IKEv1 and IKEv2 SA […]