Cryptography & Security Newsletter: Bouncy Castle Java added support for Messaging Layer Security (RFC 9420). buff.ly/4cslVsF

The new challenges are now live! Good luck and have fun! cryptohack.org/challenges/

Cryptography & Security Newsletter 115 is out! In this issue: - RADIUS/UDP Considered Harmful - Entrust Partners with SSL.com - Short news feistyduck.com/newsletter/iss…

Dive deep into heap exploitation, glibc internals, and clever tricks with Tom Mansion latest write-up on a challenging HitconCTF 2024 heap pwn! blog.quarkslab.com/heap-exploitat…

Me looking for typos before submitting my paper. Vs me finding them IMMEDIATELY after submitting

It really works wonders

Three decades after Shor's breakthrough paper, NIST has posted the first post-quantum cryptographic FIPS standards 203: ML-KEM nvlpubs.nist.gov/nistpubs/fips/… 204: ML-DS nvlpubs.nist.gov/nistpubs/fips/… 205: state-based hash nvlpubs.nist.gov/nistpubs/fips/…

Are "MIFARE-compatible" contactless cards not playing fair? That's what you may wonder after Philippe Teuwen spotted some odd behavior. Curiosity led to experiments to devise a new attack technique that uncovered some backdoors. The RFID hacking spirit lives on! blog.quarkslab.com/mifare-classic…

Dive into crypto-condor, our open-source test suite for cryptographic primitives by Julio Loayza Meneses! Perfect for ensuring compliance & correctness in your implementations. Let's secure your cryptography together! blog.quarkslab.com/crypto-condor-… #cryptography

The Cryptodifference Engine: An in-depth look at differential fuzzing for harvesting crypto bugs, by Célian Glénaz blog.quarkslab.com/differential-f…

Hey folks! We’ve received many requests for more tickets, and we’re thrilled by your enthusiasm –especially since we had three times more tickets this year! 🤯 We’ll be releasing a few additional tickets Monday October, 14 at 7pm. Keep in mind, it’s a small batch! So, be ready 🏁

📄 End-to-end Encrypted Cloud Storage in the Wild: A Broken Ecosystem (To appear at ACM CCS 2024) Joint work with Jonas Hofmann. We analyzed five end-to-end encrypted cloud storage services and found severe vulnerabilities in four of them. 🌐: brokencloudstorage.info

Finding and chaining 4 vulns to exfiltrate encryption keys from the Android Keystore on Samsung series A* devices. Did you miss the "Attacking the Samsung Galaxy A* Boot Chain" talk by Maxime Rossi Bellom and Raphaël Neveu earlier this year ? Talk && PoC || GTFO: blog.quarkslab.com/attacking-the-…

Linux kernel instrumentation from Qemu and gdb: A technique to analyze binaries or kernel modules that may try to monitor themselves. In this blog post Professor Forgette Benoît explains the trick blog.quarkslab.com/linux-kernel-i…

NIST PQ Crypto: Additional Digital Signature Schemes round 2 announced: csrc.nist.gov/projects/pqc-d…

For all those who didn't get a place, this is YOUR chance! 🍀

Nouvelle PP, nouveau TN ! Nous profitons de l’un des événements emblématiques de la cyber, l’European Cyber Week, pour vous annoncer la date ou plutôt LES dates du #BreizhCTF2025 Retenez bien ces deux dates : 14 et 15 mars... + d’infos à venir. En attendant, voici le logo👀

Les axiomes de Peano sont des axiomes proposés à la fin du 19ème siècle par le mathématicien Italien Giuseppe Peano visant à définir ce que sont les nombres entiers naturels.

Quantum computers are not quite here yet, but now's the time to get ready. After updating their protocol in 2023, Signal is now proposing a post-quantum version of their Double Ratchet for message encryption. Let's see what Signal looks like now! blog.quarkslab.com/triple-threat-…

Have a look! ☺️