Day 6 Security and SSL2 Protocol examination

September 21, 2021•64 words

What I did: Authentication
Total time: 44.083
Comments:
Discovered XChaChaPoly1305 may be the break we need provides authentication of data and easily swappable encryption protocols as XChaCha is discovered to be weak. Along with developing a security watchlist on both Google SSL and Standard Notes to ensure that Gaya's security pratices stay quite modern, until we're big enough to afford our own security team.

👍❤️🫶👏👌🤯🤔😂😍😭😢😡😮

Subscribe to the author

You'll only receive email when they publish something new.

More from KitzuneFiles
All posts

Day 5 SSL2 Basic Finished and Researching Authentication and Cipher

September 20, 2021•82 words

What I did: Authentication Total time: 43.683 Comments: Discovered annoying bug in protocol where the SSL2 session is tied directly to the authentication of the user by relying on derived secrets. If have time (have approximately 240 minutes before needing to move on [discovered flex in my roadmap by dropping signing and verification from the first spec). So if I can answer an array of questions, I can then revisit the SSL2 protocol and redesign so that SSL2 is seperate from authentication. ...

Read post

Day 7 Protocol Error Code Fleshout

September 23, 2021•39 words

What I did: HTTP and SSL2 codes and use cases. researching 2 providers who can do consoluting for TLS along with asking a key exhausting question finally doing a bit of encryption theory to ensure understanding. Total time: 45.183 ...

Read post

Day 6 Security and SSL2 Protocol examination

More from KitzuneFilesAll posts

Day 5 SSL2 Basic Finished and Researching Authentication and Cipher

Day 7 Protocol Error Code Fleshout

More from KitzuneFiles
All posts