TLS version intolerance

Working around bugs in legacy TLS stacks

Slides from a short talk at the Berlin AppSec & Crypto Meetup, a continuation of Hanno Böck’s talk about TLS version intolerance from a month before. He explained how with TLS 1.3 just around the corner there again are growing compatibility concerns about legacy TLS stacks. I covered the … » READ MORE «

Keeping secrets with JavaScript

An Introduction to the WebCrypto API

With the web slowly maturing as a platform the demand for cryptography in the browser has risen, especially in a post-Snowden era. Many of us have heard about the upcoming Web Cryptography API but at the time of writing there seem to be no good introductions available. We will take a look at the … » READ MORE «