DROWN or not to DROWN

DROWN logo
DROWN stands for Decrypting RSA with Obsolete and Weakened eNcryption. DROWN is another downgrade attack over SSL hence this time over SSLv2.
SSL has a good history with downgrade attacks likewise Lucky13, Crime, BEAST, Poodle. Currently %33 of internet servers uses SSLv2. With DROWN an attacker can decrypt connection with server which has SSLv2 enabled.

Papers and Vulnerability Testing Here

Microsoft Encryption Library for Healthcare Databases released.

Microsoft Encryption Library for Health Databases released.

“SEAL” (Simple Encrypted Arithmetic Library) is a homomorphic encryption algorithm and allows querying medical data without decryption.

The code contains a few basic examples, and more detailed documentation will be available soon.

Download

 

Encrypted Database provider zeroDB goes open source

ZeroDB is an end-to-end encrypted database. Data can be stored on untrusted database servers without ever exposing the encryption key. Clients can execute remote queries against the encrypted data without downloading all of it or suffering an excessive performance hit.

 

ZeroDB sources published at github.

ZeroDB-server sources

information about zerodb technology

 

Microsoft producing new encryption algorithm for healthcare data

Microsoft is working on a new encryption algorithm for healthcare sector.  Algortihm which called “SEAL” is a homomorphic encryption algorithm and allows querying medical data without decryption.

 

Release address (not yet published)

Research Article (pdf)

sslip.io, free wildcard SSL certificate for everyone

while we are waiting for free and open Certificate Authority “Lets Encrypt”, we got a new option.

sslip.io gives a subdomain based upon your ip and you just need to set up SSL key which released at GitHub to your server.

Finally you will have a ip based SSL subdomain address e.g.  https://52-0-56-137.sslip.io/

Detail of SSLip.

 

 

Amazon introduces alternate TLS implementation s2n

s2n_logo

Amazon Web Services introduced s2n; an Open Source implementation of the TLS protocol.  s2n is a library that has been designed to be small, fast, with simplicity as a priority. s2n avoids implementing rarely used options and extensions, and today is just more than 6,000 lines of code. As a result of this, Amazon developers expected  that it is easier to review s2n; they have already completed three external security evaluations and penetration tests on s2n, a practice we will be continuing.

Link

Repo

 

 

Ukraine’s new encryption standart: The Kalyna Block Cipher

The Kalyna block cipher was selected during Ukrainian National Public Cryptographic Competition (2007-2010) and its slight modification was approved as the new encryption standard of Ukraine in 2015. Main requirements for Kalyna were both high security level and high performance of software implementation on general-purpose 64-bit CPUs. The cipher has SPN-based (Rijndael-like) structure with increased MDS matrix size, a new set of four different S-boxes, pre- and postwhitening using modulo 2^{64} addition and a new construction of the key schedule. Kalyna supports block size and key length of 128, 256 and 512 bits (key length can be either equal or double of the block size).

PDF