Crypto - The Cloudflare Blog (Page 3)

December 28, 2017 6:22PM

How "expensive" is crypto anyway?

Crypto Speed & Reliability Security SSL TLS RSA

I wouldn’t be surprised if the title of this post attracts some Bitcoin aficionados, but if you are such, I want to disappoint you. For me crypto means cryptography, not cybermoney, and the price we pay for it is measured in CPU cycles, not USD....

Vlad Krasnov

December 26, 2017 8:30PM

Why TLS 1.3 isn't in browsers yet

Crypto TLS TLS 1.3 Security Research

Upgrading a security protocol in an ecosystem as complex as the Internet is difficult. You need to update clients and servers and make sure everything in between continues to work correctly. The Internet is in the middle of such an upgrade right now....

Nick Sullivan

December 26, 2017 4:53PM

Concise (Post-Christmas) Cryptography Challenges

Crypto Community Security

It's the day after Christmas; or, depending on your geography, Boxing Day. With the festivities over, you may still find yourself stuck at home and somewhat bored....

Junade Ali

December 24, 2017 4:57PM

TLS 1.3 is going to save us all, and other reasons why IoT is still insecure

IoT TLS 1.3 TLS Security Crypto Gatebot DDoS

As I’m writing this, four DDoS attacks are ongoing and being automatically mitigated by Gatebot. Cloudflare’s job is to get attacked. Our network gets attacked constantly....

Dani Grant

November 10, 2017 11:06AM

On the dangers of Intel's frequency scaling

Security OpenSSL SSL Crypto

While I was writing the post comparing the new Qualcomm server chip, Centriq, to our current stock of Intel Skylake-based Xeons, I noticed a disturbing phenomena....

Vlad Krasnov

November 09, 2017 4:05PM

Privacy Pass - “The Math”

During a recent internship at Cloudflare, I had the chance to help integrate support for improving the accessibility of websites that are protected by the Cloudflare edge network....

By

Alex Davidson

Crypto , Privacy Pass , Security , CAPTCHA , Chrome

November 09, 2017 4:00PM

Cloudflare supports Privacy Pass

Cloudflare supports Privacy Pass, a recently-announced privacy-preserving protocol developed in collaboration with researchers from Royal Holloway and the University of Waterloo....

By

Nick Sullivan

Privacy , CAPTCHA , Privacy Pass , Firefox , Chrome

November 08, 2017 8:03PM

ARM Takes Wing: Qualcomm vs. Intel CPU comparison

One of the nicer perks I have here at Cloudflare is access to the latest hardware, long before it even reaches the market. Until recently I mostly played with Intel hardware....

By

Vlad Krasnov

SSL , OpenSSL , Compression , Speed & Reliability , LUA

November 06, 2017 6:07AM

LavaRand in Production: The Nitty-Gritty Technical Details

As some of you may know, there's a wall of lava lamps in the lobby of our San Francisco office that we use for cryptography. In this post, we’re going to explore how that works in technical detail....

By

Joshua Liebow-Feeser

LavaRand , Entropy , Security , Crypto

November 06, 2017 5:54AM

Randomness 101: LavaRand in Production

As some of you may know, there's a wall of lava lamps in the lobby of our San Francisco office that we use for cryptography. In this post, we’re going to explore how that works....

By

Joshua Liebow-Feeser

LavaRand , Entropy , Security , Crypto

October 20, 2017 5:23PM

Performing & Preventing SSL Stripping: A Plain-English Primer

Over the past few days we learnt about a new attack that posed a serious weakness in the encryption protocol used to secure all modern Wi-Fi networks....

By

Junade Ali

SSL , Crypto , HTTPS , Security , Attacks

September 26, 2017 2:00PM

Geo Key Manager: How It Works

Today we announced Geo Key Manager, a feature that gives customers control over where their private keys are stored with Cloudflare. This builds on a previous Cloudflare innovation called Keyless SSL and a novel cryptographic access control mechanism....

By

Nick Sullivan

Product News , SSL , HTTPS , Birthday Week , Crypto

September 12, 2017 5:29PM

Understanding the prevalence of web traffic interception

This post summarizes how prevalent encrypted web traffic interception is and how it negatively affects online security according to a study published at NDSS 2017 authored by several researchers including the author of this post and Nick Sullivan of Cloudflare....

By

Guest Author

Crypto , TLS , HTTPS , Security , Attacks

September 01, 2017 9:48PM

SIDH in Go for quantum-resistant TLS 1.3

Most of today's cryptography is designed to be secure against an adversary with enormous amounts of computational power. This means estimating how much work certain computations require, and choosing cryptographic parameters based on our best estimates....

By

Henry de Valence

Crypto , TLS 1.3 , TLS , Security , Programming