Mini-thread on this latest Lucky13 research which includes two issues found in our Open Source Amazon s2n implementation of SSL/TLS ...https://twitter.com/IACRePrint/status/1030417029747146753 …
-
-
I hope that topic gets more research! It's a hard trade-off to balance. OpenSSL's CT approach also broke, leading to LuckyMinus20, arguably a more serious issue than the one it was meant to fix. The real answer is to use algorithms designed for CT! Thankfully AES-GCM is better.
Show this thread -
Last tweet for now! PR for our SHA384 changes:https://github.com/awslabs/s2n/pull/824 …
Show this thread
End of conversation
New conversation -
Loading seems to be taking a while.
Twitter may be over capacity or experiencing a momentary hiccup. Try again or visit Twitter Status for more information.