March 10, 2014 4:30PM
ECDSA: The digital signature algorithm of a better internet
TLS
HTTPS
Crypto
Elliptic Curves
RSA
Security
This blog post is dedicated to the memory of Dr. Scott Vanstone, popularizer of elliptic curve cryptography and inventor of the ECDSA algorithm. He passed away on March 2, 2014....
February 14, 2014 1:00AM
Introducing Strict SSL: Protecting Against a On-Path Attack on Origin Traffic
TLS
HTTPS
Crypto
Encryption
SSL
Security
At CloudFlare, we are always looking for ways to improve the security of our customers’ websites. One of the features we provide is the ability to serve their website encrypted over SSL/TLS....
January 29, 2014 12:00PM
Killing RC4 (softly)
RC4
Crypto
OpenSSL
Encryption
Vulnerabilities
Back in 2011, the BEAST attack on the cipher block chaining (CBC) encryption mode used in TLS v1.0 was demonstrated. At the time the advice of experts (including our own) was to prioritize the use of RC4-based cipher suites....
January 06, 2014 12:00PM
How the NSA (may have) put a backdoor in RSA’s cryptography: A technical primer
Crypto
Privacy
There has been a lot of news lately about nefarious-sounding backdoors being inserted into cryptographic standards and toolkits. One algorithm, a pseudo-random bit generator, Dual_EC_DRBG, was ratified by the National Institute of Standards and Technology (NIST) in 2007....
November 21, 2013 9:00AM
Red October: CloudFlare’s Open Source Implementation of the Two-Man Rule
Crypto
Open Source
Encryption
RSA
GitHub
TLS
Security
At CloudFlare, we are always looking for better ways to secure the data we’re entrusted with. This means hardening our system against outside threats such as hackers, but it also means protecting against insider threats....