security

More efficient post-quantum KEMTLS with pre-distributed public keys
We make KEMTLS more efficient in scenarios where the client already has the server’s long-term public key, for example through caching or because it’s pre-installed.
Preprint PDF Cite Project DOI
Post-Quantum TLS without handshake signatures
We present an alternative to TLS 1.3, by authenticating using only Key-Encapsulation Mechanisms. This allows us to get rid of handshake signatures, as post-quantum signature schemes are expensive, both in bytes and computation times.
Preprint PDF Cite Code Dataset Project DOI
Post-Quantum TLS with KEMs
We investigate getting rid of signatures in TLS
Thom Wiggers
Certificate signing with an ePass2003

I have a fairly creative ssl setup on my webserver:

  • I run my own ‘certificate authority’ which signs the server certificate;
  • I have a bunch of alternative names specified;
  • The CA certificate sits on an ePass 2003 PKI token.

I’m writing down how I sign certificates in this context so I can use this to look up the procedure instead of spending hours in DuckDuckGo. This is more of a tutorial than elegant prose.

Thom Wiggers
Last updated on 2021-02-25 2 min read security
Time-invariant equality in assembly

For crypto code it's important that it's time-invariant, otherwise it is vulnerable to timing attacks. I've had to build this time-invariant equality test from scratch, because I couldn't find something on Google. I hope it's useful to someone else.

Thom Wiggers
Last updated on 2019-07-23 2 min read security