SSLTrust Cyber Security Blog | Page 3

Back to Blog Homepage
#Articles

Considering Full Disk Encryption (FDE)

Full Disk Encryption (FDE) refers to the practice of encrypting a device (laptop, cell phone, etc) at-rest. Decryption is performed at boot time, relying on user input, a cryptographic key stored in hardware, or a combination both. FDE is an …

#Guides

How to choose the right encryption

It can be very difficult to bridge the gap between the theoretical and the practical. This is a pattern I’ve seen repeat itself again and again throughout my career – someone might be very technical, and very familiar with encryption, but when it …

#Articles

PBKDF2: Password Based Key Derivation

PBKDF2, defined in RFC 2898, is a specific Key Derivation Function (KDF). A KDF is simply any mechanism for taking a password (something a user remembers or stores in a password manager) and turning it into a symmetric key suitable for cryptographic …

#Guides

How Certificate Revocation Works with CRLs and OCSP

Certificate Revocation refers to the act of canceling a signed certificate before its expiration date. This can be done due to private key compromise, retirement of a service, or various administrative reasons. There are many different approaches …

#Articles

Encryption vs Hashing: What’s the difference?

Both Encryption and Hashing are fundamental building blocks of cryptosystems. When it comes to best practices for storing credentials in your application however, best practice is largely driven by what you’re trying to do. There are a lot of …

OpenSSL 1.1.1k Two High Severity Vulnerabilities Explored

A lot can be learned about SSL/TLS by analyzing real-world bugs and the ways in which vendors patch them. This past week OpenSSL 1.1.1k was released, which corrected two high severity bugs in the popular OpenSSL software. Specifically, CVE-2021-3450 …

#Articles

Rehashing Hashing: What is SHA-256?

Next to encryption, hashing is perhaps the most important building block of modern cryptosystems. But what is a hash? Why is it important? How can some ways of computing a hash be better than others, and what makes a particular method suitable for …

#Articles

What and how strong is 256-bit Encryption?

It is a peculiar thing to see, but more and more commonly terms of art make their way into the mainstream media. It seems that every week a new article about a vulnerability, cyberattack, or data breach makes its way into public discourse. One …

DDOS Attacks: A game of cat and mouse

A distributed-denial-of-service (DDOS) attack occurs when a service provider is intentionally overwhelmed at the network layer by a large volume of requests. These requests might consist of normal traffic occurring at a massive scale, or it might …

#Articles

SSL/TLS and captive portals

Chances are that you’ve used a captive portal – possibly without knowing it! Captive Portals are a legitimate means of grabbing the users attention

You may be also interested in reading our other resources...

Learning Center

View more resources on cyber security, encryption and the internet.

Helpful Guides

View more Guides, FAQs and information to help with your Certificate purchases.