#Security
7 articles
Cryptography Fundamentals: Symmetric, Asymmetric, One-Way Functions, Hashing, and Digital Signatures
From symmetric versus asymmetric encryption to the one-way and trapdoor functions behind RSA and ECC, plus hash functions and digital signatures, this article explains the building blocks of cryptography with primary sources. Part 1 of a three-part series that groups public-key uses into signing, encryption, and key exchange.
Cryptography in Practice: TLS, JWT, and SSH
How everyday protocols such as TLS, JWT/JWS, and SSH combine symmetric keys, public keys, signatures, key exchange, and PKI, viewed through the three uses of a public key and backed by RFCs. The final part of a three-part cryptography series.
Key Exchange and PKI: Diffie-Hellman, Certificates, and Certificate Authorities
How Diffie-Hellman shares a symmetric key safely, how ECDHE adds forward secrecy, and how PKI binds a public key to its owner through certificates, CAs, and a chain of trust. Backed by primary sources such as RFCs. Part 2 of a three-part cryptography series.
Three Uses of a Public Key: Signing, Encryption, and Key Exchange
A public key has just three uses: signing, encryption, and key exchange. This article sorts real-world applications such as SSH public-key auth, WebAuthn, mTLS, private_key_jwt, code signing, and container signing into these three, and clarifies how they differ from shared-key schemes such as HMAC, with primary sources.
Secure by Design: Safe Software Design
Secure by Design: Safe Software Design
Building Secure and Reliable Systems: Design, Implementation, and Maintenance from Google SRE
Building Secure and Reliable Systems: Design, Implementation, and Maintenance from Google SRE
How to Use Burp Suite with Google Chrome
Steps to configure Burp Suite for use with Chrome.