Hacker News
- Post-quantum confidentiality for TLS https://www.imperialviolet.org/2018/04/11/pqconftls.html 4 comments
- Maybe Skip SHA-3 https://www.imperialviolet.org/2017/05/31/skipsha3.html 182 comments
- CECPQ1 results https://www.imperialviolet.org/2016/11/28/cecpq1.html 6 comments
- BoringSSL https://www.imperialviolet.org/2015/10/17/boringssl.html 112 comments
- Why not DANE in browsers https://www.imperialviolet.org/2015/01/17/notdane.html 29 comments
- HSTS for new TLDs http://www.imperialviolet.org/2014/07/06/newtlds.html 42 comments
- Hash based signatures https://www.imperialviolet.org/2013/07/18/hashsig.html 2 comments
- NIST may not have you in mind http://www.imperialviolet.org/2012/10/21/nist.html 34 comments
- RSA public exponent size http://www.imperialviolet.org/2012/03/16/rsae.html 22 comments
- Overclocking SSL http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html 21 comments
Lobsters
- Maybe Skip SHA-3 https://www.imperialviolet.org/2017/05/31/skipsha3.html 5 comments security
- No, don't enable revocation checking https://www.imperialviolet.org/2014/04/19/revchecking.html 2 comments browsers , security
- Apple's SSL/TLS bug https://www.imperialviolet.org/2014/02/22/applebug.html 15 comments ios , mac , security
- Maybe Skip SHA-3 (ImperialViolet) https://www.imperialviolet.org/2017/05/31/skipsha3.html 37 comments crypto
- memcpy (and friends) with NULL pointers https://www.imperialviolet.org/2016/06/26/nonnull.html 3 comments programming
- ImperialViolet - Signed overflow in C https://www.imperialviolet.org/2016/05/15/signedoverflow.html 3 comments programming
- Was Maxwell's "personal reasons" to drop out of Core last week because of the discovery of backdoors he added to Juniper firewalls in 2012? https://www.imperialviolet.org/2015/12/19/juniper.html 29 comments btc
- Juniper's attackers may have used NSA's backdoored Dual_EC algorithm to infiltrate its firewalls. Juniper is still using Dual_EC, two years after it was discovered to be backdoored by the NSA https://www.imperialviolet.org/2015/12/19/juniper.html 2 comments technology
- Google replaced OpenSSL with BoringSSL for Chromium, Android M, and its production services https://www.imperialviolet.org/2015/10/17/boringssl.html 5 comments crypto
- ImperialViolet - AEADs: getting better at symmetric cryptography [Google's Adam Langley] https://www.imperialviolet.org/2015/05/16/aeads.html 5 comments crypto
- Checking that functions are constant time with Valgrind (2010) https://www.imperialviolet.org/2010/04/01/ctgrind.html 12 comments rust
- Why not DANE in browsers - ImperialViolet https://www.imperialviolet.org/2015/01/17/notdane.html 3 comments netsec
- ImperialViolet - The POODLE bites again [All but AEAD Cryptogaphically Broken] https://www.imperialviolet.org/2014/12/08/poodleagain.html#cryptographically%20broken 6 comments crypto
- Encrypting streams https://www.imperialviolet.org/2014/06/27/streamingencryption.html 6 comments netsec
- Google forks openssl, calls it 'boringssl'. https://www.imperialviolet.org/2014/06/20/boringssl.html 7 comments netsec
- Matching primitive strengths http://www.imperialviolet.org/2014/05/25/strengthmatching.html 3 comments netsec
- ImperialViolet - No, don't enable revocation checking https://www.imperialviolet.org/2014/04/19/revchecking.html 22 comments netsec
- TLS Symmetric Crypto https://www.imperialviolet.org/2014/02/27/tlssymmetriccrypto.html 9 comments crypto
- Apple's SSL/TLS bug https://www.imperialviolet.org/2014/02/22/applebug.html 285 comments programming
- Implementing fixes for the Lucky Thirteen attack on TLS CBC http://www.imperialviolet.org/2013/02/04/luckythirteen.html 3 comments netsec
- Revocation checking and Chrome's CRL [ImperialViolet] http://www.imperialviolet.org/2012/02/05/crlsets.html 3 comments netsec
- Classifying solutions to the certificate problem http://www.imperialviolet.org/2011/10/08/certaxis.html 3 comments netsec
- Smaller than Bloom filters http://www.imperialviolet.org/2011/04/29/filters.html 22 comments programming
- Overclocking SSL: "If there's one point that we want to communicate to the world, it's that SSL/TLS is not computationally expensive any more. Ten years ago it might have been true, but it's just not the case any more. You too can afford to enable HTTPS for your users." http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html 17 comments technology
- False Start: a Chromium experiment to speed up SSL/TLS setup. http://www.imperialviolet.org/2010/09/05/blacklisting.html 5 comments programming
- SSL/TLS is not computationally expensive any more. Ten years ago it might have been true, but it's just not the case any more. http://www.imperialviolet.org/2010/06/25/overclocking-ssl.html 37 comments programming
- Chrome 4: Protecting your users with Strict Transport Security http://www.imperialviolet.org/2010/01/26/sts.html 13 comments programming
- General Homomorphic Encryption - solves one of the oldest open problems in cryptography by means of a self-embedding technique reminiscent of Godel's theorem http://www.imperialviolet.org/2009/06/16/hal-finney-homomorphic.html 5 comments crypto
- General Homomorphic Encryption - solves one of the oldest open problems in cryptography by means of a self-embedding technique reminiscent of Godel's theorem http://www.imperialviolet.org/2009/06/16/hal-finney-homomorphic.html 7 comments netsec
- This file is both a HTML file and a literate Haskell program http://www.imperialviolet.org/binary/jpeg/ 8 comments programming