Research - The Cloudflare Blog (Page 5)

March 18, 2019 5:47PM

Monsters in the Middleboxes: Introducing Two New Tools for Detecting HTTPS Interception

HTTPS Malware Security Speed & Reliability Research

The practice of HTTPS interception continues to be commonplace on the Internet. This blog post discusses types of monster-in-the-middle devices and software, and how to detect them....

September 21, 2018 1:00PM

Roughtime: Securing Time with Digital Signatures

Crypto Week Security TLS OCSP Research Cryptography

When you visit a secure website, it offers you a TLS certificate that asserts its identity. Every certificate has an expiration date, and when it’s passed due, it is no longer valid....

Christopher Patton

September 17, 2018 2:01PM

Cloudflare goes InterPlanetary - Introducing Cloudflare’s IPFS Gateway

Crypto Week Security IPFS Universal SSL SSL DNSSEC HTTPS Research Cryptography

Today we’re excited to introduce Cloudflare’s IPFS Gateway, an easy way to access content from the the InterPlanetary File System (IPFS) that doesn’t require installing and running any special software on your computer....

Andy Parker

August 11, 2018 12:00AM

A Detailed Look at RFC 8446 (a.k.a. TLS 1.3)

Encryption TLS TLS 1.3 HTTPS Security Research Cryptography

TLS 1.3 (RFC 8446) was published today. This article provides a deep dive into the changes introduced in TLS 1.3 and its impact on the future of internet security....

Nick Sullivan

March 23, 2018 2:45PM

Introducing Certificate Transparency and Nimbus

Certificate Authority Security HTTPS SSL Research Cryptography

Certificate Transparency (CT) is an ambitious project to help improve security online by bringing accountability to the system that protects HTTPS. Cloudflare is announcing support for this project by introducing two new public-good services....

Nick Sullivan

December 26, 2017 8:30PM

Why TLS 1.3 isn't in browsers yet

Upgrading a security protocol in an ecosystem as complex as the Internet is difficult. You need to update clients and servers and make sure everything in between continues to work correctly. The Internet is in the middle of such an upgrade right now....

By

Nick Sullivan

TLS , TLS 1.3 , Security , Research , Cryptography

December 14, 2017 7:41PM

Inside the infamous Mirai IoT Botnet: A Retrospective Analysis

This post provides a retrospective analysis of Mirai — the infamous Internet-of-Things botnet that took down major websites via massive distributed denial-of-service using hundreds of thousands of compromised Internet-Of-Things devices....

By

Guest Author

DDoS , Attacks , Security , Vulnerabilities , Bots

November 09, 2017 4:05PM

Privacy Pass - “The Math”

During a recent internship at Cloudflare, I had the chance to help integrate support for improving the accessibility of websites that are protected by the Cloudflare edge network....

By

Alex Davidson

Privacy Pass , Security , CAPTCHA , Chrome , Firefox

November 09, 2017 4:00PM

Cloudflare supports Privacy Pass

Cloudflare supports Privacy Pass, a recently-announced privacy-preserving protocol developed in collaboration with researchers from Royal Holloway and the University of Waterloo....

By

Nick Sullivan

Privacy , CAPTCHA , Privacy Pass , Firefox , Chrome

September 26, 2017 2:00PM

Geo Key Manager: How It Works

Today we announced Geo Key Manager, a feature that gives customers control over where their private keys are stored with Cloudflare. This builds on a previous Cloudflare innovation called Keyless SSL and a novel cryptographic access control mechanism....

By

Nick Sullivan

Product News , SSL , HTTPS , Birthday Week , Security

July 10, 2017 1:43PM

High-reliability OCSP stapling and why it matters

At Cloudflare our focus is making the internet faster and more secure. Today we are announcing a new enhancement to our HTTPS service: High-Reliability OCSP stapling....

By

Nick Sullivan

OCSP , TLS , HTTPS , Security , Programming