# security

7 articles with this tag

## Let's Encrypt is going to start soon

Let's Encrypt (the free, automated and open certificate authority) has just announced its launch schedule. According to it, certificates will be released to the public starting from the week of September 14, 2015.

Their intermediate certificates, which were generated a few days ago, will be signed by IdenTrust. What this means is that if you browse a web page secured by Let's Encrypt, you …

## Elliptic Curve Cryptography: breaking security and a comparison with RSA

This post is the fourth and last in the series ECC: a gentle introduction.

In the last post we have seen two algorithms, ECDH and ECDSA, and we have seen how the discrete logarithm problem for elliptic curves plays an important role for their security. But, if you remember, we said that we have no mathematical proofs for the complexity of the discrete logarithm …

## Elliptic Curve Cryptography: finite fields and discrete logarithms

This post is the second in the series ECC: a gentle introduction.

In the previous post, we have seen how elliptic curves over the real numbers can be used to define a group. Specifically, we have defined a rule for point addition: given three aligned points, their sum is zero ($P + Q + R = 0$). We have derived a geometric method and an algebraic method …

## Elliptic Curve Cryptography: a gentle introduction

Those of you who know what public-key cryptography is may have already heard of ECC, ECDH or ECDSA. The first is an acronym for Elliptic Curve Cryptography, the others are names for algorithms based on it.

Today, we can find elliptic curves cryptosystems in TLS, PGP and SSH, which are just three of the main technologies on which the modern web and IT world …

## Let's Encrypt: the road towards a better web?

I've always dreamed of a encrypted web, where HTTPS is the standard and plain HTTP is no more. A web where eavesdropping or manipulating information is not possible, or at least much harder than today.

I remember that I got excited when I first heard of CAcert: "a community-driven Certificate Authority that issues certificates to the public at large for free". Unfortunately, CAcert's root …

## Are LXC and Docker secure?

Since its initial release in 2008, LXC has become widespread among servers. Today, it is becoming the preferred deployment strategy in many contexts, also thanks to Docker and, more recently, LXD.

LXC and Docker are used not only to achieve modular architecture design, but also as a way to run untrusted code in an isolated environment.

We can agree that the LXC and Docker …