
A (relatively easy to understand) primer on elliptic curve cryptography

Author Nick Sullivan worked for six years at Apple on many of its most important cryptography efforts before recently joining CloudFlare, where he is a systems engineer. He has a degree in mathematics from the University of Waterloo and a Masters in computer science with a concentration in cryptography from the University of Calgary. This post was originally written for the CloudFlare blog and has been lightly edited to appear on Ars.

Readers are reminded that elliptic curve cryptography is a set of algorithms for encrypting and decrypting data and exchanging cryptographic keys. Elliptic curve cryptography (ECC) is one of the most powerful but least understood types of cryptography in wide use today. Be warned: this is a complicated subject, and it's not possible to boil it down to a pithy blog post.

The dawn of public key cryptography

What you need for a public key cryptographic system to work is a set of algorithms that is easy to process in one direction but difficult to undo.

RFC 6520 - Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) Heartbeat Extension

PROPOSED STANDARD Internet Engineering Task Force (IETF) R. RFC 6520 TLS/DTLS Heartbeat Extension February 2012

Copyright Notice: Copyright (c) 2012 IETF Trust and the persons identified as the document authors.

1.1. This document describes the Heartbeat Extension for the Transport Layer Security (TLS) and Datagram Transport Layer Security (DTLS) protocols, as defined in [RFC5246] and [RFC6347] and their adaptations to specific transport protocols described in [RFC3436], [RFC5238], and [RFC6083]. TLS is based on reliable protocols, but there is not necessarily a feature available to keep the connection alive without continuous data transfer.

1.2. The key words "MUST", "MUST NOT", "REQUIRED", "SHALL", "SHALL NOT", "SHOULD", "SHOULD NOT", "RECOMMENDED", "MAY", and "OPTIONAL" in this document are to be interpreted as described in [RFC2119].

Heartbleed Bug
