2 items tagged “openssl”
2007
Side-Channel Attacks and Security Theatre. “In order to mount most of these attacks the attacker must be local [...] every good security person knows that if your attacker has the ability to run stuff on your machine, it is game over, so why are we even caring about these attacks?”
OpenID (and TypeKey) using native OpenSSL functions in PHP. Wez Furlong shows how a small patch to PHP’s OpenSSL support makes it a whole lot easier to perform the cryptography behind OpenID (at the moment you need to use the bc or gmp modules).