Logjam: the latest TLS vulnerability explained

Published on by Filippo Valsorda.

Image: "Logjam" as interpreted by @0xabad1dea. Yesterday, a group from INRIA, Microsoft Research, Johns Hopkins, the University of Michigan, and the University of Pennsylvania published a deep analysis of the Diffie-Hellman algorithm as used in TLS and other protocols. This analysis included a novel downgrade attack against the TLS protocol

Protecting web origins with Authenticated Origin Pulls

Published on by Rajeev Sharma.

As we have been discussing this week, securing the connection between CloudFlare and the origin server is arguably just as important as securing the connection between end users and CloudFlare. The origin certificate authority we announced this week will help CloudFlare verify that it is talking to the correct origin

TLS Session Resumption: Full-speed and Secure

Published on by Zi Lin.

At CloudFlare, making web sites faster and safer at scale is always a driving force for innovation. We introduced “Universal SSL” to dramatically increase the size of the encrypted web. In order for that to happen we knew we needed to efficiently handle large volumes of HTTPS traffic, and give

Do the ChaCha: better mobile performance with cryptography

Published on by Nick Sullivan.

CC BY-ND 2.0 image image by Clinton Steeds CloudFlare is always trying to improve customer experience by adopting the latest and best web technologies so that our customers (and their visitors) have a fast and a secure web browsing experience. More and more web sites are now using HTTPS