Category Archives: security

Unbreakable Encryption with Secure Hardware and Geopolitics

From supercomputers to IoT – processors (or chips) are everywhere. Computer chips protecting our privacy and security would first travel the world to get designed, fabricated, and personalized. Even if we had an unbreakable encryption algorithm, it may be defeated by its manufacturing. Let’s exploit superpowers and their influence to create a practical unbreakable encryption.

Continue reading Unbreakable Encryption with Secure Hardware and Geopolitics

Transaction Security with Slow Clock and Counter – How to Conjure Up Entropy

I love cryptography. It’s an abstract science, where I can define a problem, come up with a solution and prove it (eventually). I also like applying cryptography as it involves real world (users, limitations of computers, …), which messes everything up and turns pure mathematics into a fun game. Continue reading Transaction Security with Slow Clock and Counter – How to Conjure Up Entropy

Self-driving Cyber Security – Step 1: Professional PKI

Many companies drive their computer systems without wearing seatbelts, even though they know and constantly witness they risk being injured by cyber crashes. There are simple economic reasons for this. It is not the unavailability of cyber “seat belts”, but the difficulty of putting them in. Enigma Bridge technology gives customers self-driving cyber-security for safe navigation through the cyberspace and protection of its payload.

Continue reading Self-driving Cyber Security – Step 1: Professional PKI

How Certbot and Letsencrypt Work (DNS and SNI-TLS automation)

We introduce an integration plugin for Let’s Encrypt. It provides integration for a variety of mechanisms that enable and simplify verification of domain control and certificate installation. We already tested it with Dehydrated (former letsencrypt.py) . It supports all existing verification methods: DNS, HTTP and TLS-SNI, in their current versions “01”.

Continue reading How Certbot and Letsencrypt Work (DNS and SNI-TLS automation)

Letsencrypt’s Vulnerability Or Feature – Eternal Account Key

 

The growth of Let’s Encrypt is phenomenal – 7 million certificates in last four months. The remaining hurdle for automation is verification of domain ownership. Well, actually it is NOT true. We were doing syntax testing – hoping to get the right kind of verification error … only to discover we have been successfully verified without providing any information.

Continue reading Letsencrypt’s Vulnerability Or Feature – Eternal Account Key