Friends Don't Let Friends Use PyCrypto

Published

Tags: and

For all practical purposes, PyCrypto, the Python Cryptography Toolkit, is dead. The package has several issues (many of them with security implications) that will almost certainly never get fixed because the project hasn’t been updated in multiple years. Despite that, I still see PyCrypto recommendations around every now and then — I just got it removed from the Awesome Cryptography list.

Switching from StartSSL to Let's Encrypt

Published

Tags: and

When I first set up this blog I got an SSL certificate from StartCom’s StartSSL authority, simply because it was the easy way to just get a site on HTTPS.

However, StartCom has recently fallen out of favour with browser vendors, starting with Mozilla and now Chrome. If you haven’t been following the world of certificate authority politics, the story starts with a CA called WoSign. A university sysadmin created a big tech news story earlier this year after revealing that WoSign gave him a certificate for github.com. This is a pretty big deal, and Mozilla’s investigations into WoSign have raised even more concerns about WoSign’s mistakes and handling of mistakes. One of those concerns is this:

[In November 2015] WoSign purchased the CA “StartCom” and did not disclose the transaction as a change of ownership, which we believe violates section 5 of the Mozilla CA Certificate Maintenance Policy. Furthermore, when this clause was brought to their attention, they denied that any changes fell under it, and they attempted to suppress further information about the ownership transfer when it was brought to the community’s attention.

A couple of weeks ago Mozilla announced that Firefox will be phasing out support for both WoSign and StartCom certificates. Chrome made a similar announcement a week later.

What Difference Can Order Make When Hashing?

Published

Tags: and

I saw this thread about password hashing on the D language forums. The original post had a good question that didn’t get answered at the time: if you’re hashing a bunch of things, can it make any difference (for security) what order you do it?

The answer turns out to be yes, and it’s a neat example of the difference between theoretical ideals and real-world systems. Because I think this stuff is worth knowing if you’re using cryptographic hash functions for, you know, actual crypto, I thought I’d write up a blog post about why it can matter.