Area41 Zurich report
Book Club - 4th Tuesday of the month
https://www.owasp.org/images/d/d3/TLS_v1.3_Overview_OWASP_Final.pdf
https://www.owasp.org/index.php/TLS_Cipher_String_Cheat_Sheet
TLS_DHE_RSA_AES_256_GCM_SHA256
TLS = Protocol
DHE = Diffie-Hellman ephemeral (provides Perfect Forward Secrecy)
Perfect Forward Secrecy = session keys won’t be compromised, even if server private keys are
Past messages and data cannot be retrieved or decrypted (https://en.wikipedia.org/wiki/Forward_secrecy)
RSA = Digital Signature (authentication)
There are only 2 (RSA, or ECDSA)
AES_256_GCM - HMAC (hashed message authentication code)
https://www.owasp.org/index.php/TLS_Cipher_String_Cheat_Sheet
https://en.wikipedia.org/wiki/HMAC#Definition_.28from_RFC_2104.29
https://en.wikipedia.org/wiki/Funicular
https://mozilla.github.io/server-side-tls/ssl-config-generator/?hsts=no
Join our #Slack Channel! Email us at bds.podcast@gmail.com
or DM us on Twitter @brakesec
#Spotify: https://brakesec.com/spotifyBDS
#RSS: https://brakesec.com/BrakesecRSS
#Youtube Channel: http://www.youtube.com/c/BDSPodcast
#iTunes Store Link: https://brakesec.com/BDSiTunes
#Google Play Store: https://brakesec.com/BDS-GooglePlay
Our main site: https://brakesec.com/bdswebsite
#iHeartRadio App: https://brakesec.com/iHeartBrakesec
#SoundCloud: https://brakesec.com/SoundcloudBrakesec
Comments, Questions, Feedback: bds.podcast@gmail.com
Support Brakeing Down Security Podcast by using our #Paypal: https://brakesec.com/PaypalBDS OR our #Patreon
https://brakesec.com/BDSPatreon
#Twitter: @brakesec @boettcherpwned @bryanbrake @infosystir
#Player.FM : https://brakesec.com/BDS-PlayerFM
#Stitcher Network: https://brakesec.com/BrakeSecStitcher
#TuneIn Radio App: https://brakesec.com/TuneInBrakesec
No comments:
Post a Comment