jbp.io
GitHub Actions is Someone Else's Computer
CVE-2024-5535: `SSL_select_next_proto` buffer overread
Replacing a C library: a testing strategy
Third-party audit of rustls
rustls versus OpenSSL: resumption performance
rustls versus OpenSSL: memory usage
rustls versus OpenSSL: handshake performance
rustls versus OpenSSL: bulk performance
TLS performance: rustls versus OpenSSL
rustls: modern, faster, safer TLS
TLS bulk performance: rustls versus OpenSSL
Measuring test coverage of Rust libraries
rustls: A Modern, Pure-Rust TLS Library
Using SGX to harden password hashing
Abusing U2F to 'store' keys
PBKDF2: performance matters
Lucky 13 in Amazon S2N
CVE-2015-1788: OpenSSL ECC binpoly denial of service
Benchmarking Modern Authenticated Encryption on €1 devices
Audio as a low-bandwidth authentic channel
Public comment on FIDO U2F standard
libotr: the code review
How to monetise the IoT through energy markets
Android keystore key leakage between security domains
Analysis of the OpenSSL random API
A novel countermeasure against CRIME and BREACH
TLS128: A secure profile for TLS
Android SecureRandom vulnerability guess
TLS downgrade behaviour