[WEB SECURITY] presentation on web 2.0 cryptology

travis+ml-webappsec at subspacefield.org travis+ml-webappsec at subspacefield.org
Tue Aug 11 00:46:05 EDT 2009


Hi folks,

I gave a presentation to OWASP Austin on Web 2.0 Cryptology that
Robert Auger suggested I forward to this list:

http://www.subspacefield.org/security/web_20_crypto.pdf

If I could make one addition to it, I'd mention that if you want
confidentiality AND authentication, there are some non-patented block
cipher modes that provide both with less overhead than using a cipher
and HMAC together.  They're mentioned in my Security Concepts book and
you can also find them on Wikipedia.

Other presentations:
http://www.subspacefield.org/security/
-- 
Obama Nation | My emails do not have attachments; it's a digital signature
that your mail program doesn't understand. | http://www.subspacefield.org/~travis/ 
If you are a spammer, please email john at subspacefield.org to get blacklisted.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 833 bytes
Desc: not available
URL: <http://lists.webappsec.org/pipermail/websecurity_lists.webappsec.org/attachments/20090810/382d9984/attachment.bin>


More information about the websecurity mailing list