Cryptography Software Security

Dead Ends in Cryptanalysis #1: Length Extension Attacks

This is the first entry in a (potentially infinite) series of dead end roads in the field of cryptanalysis. Cryptography engineering is one of many specialties within the wider field of security engineering. Security engineering is a discipline that chiefly concerns itself with studying how systems fail in order to build better systems–ones that are […]


Kerlissions – Trivial Collisions in Iota’s Hash Function (Kerl)

Historical Context of Iota’s Hash Functions Once upon a time, researchers discovered that the hash function used within the Iota cryptocurrency (Curl-P), was vulnerable to practical collisions. When pressed about this, the Iota Foundation said the following: In response to this research, the Iota developers threatened to sue the researchers. Iota replaced Curl-P-27 with a […]