14 matches found
Origin Validation Error
Overview Affected versions of this package are vulnerable to Origin Validation Error during the intra-handshake attestation. An attacker can impersonate a trusted service endpoint and gain unauthorized access to sensitive data or operations by extracting the ephemeral TLS private key through...
CVE-2026-33697 CoCoS attested TLS is vulnerable to relay attacks via extracted ephemeral TLS keys
Cocos AI is a confidential computing system for AI. The current implementation of attested TLS (aTLS) in CoCoS is vulnerable to a relay attack affecting all versions from v0.4.0 through v0.8.2. This vulnerability is present in both the AMD SEV-SNP and Intel TDX deployment targets supported by CoCoS...
Statistical Analysis and Optimization of the MFA Protecting Private Keys
In the current information age, asymmetrical cryptography is widely used to protect information and financial transactions such as cryptocurrencies. The loss of private keys can have catastrophic consequences; therefore, effective MFA schemes are needed. In this paper, we focus on generating...
Securing Cross-Domain Internet of Drones: An RFF-PUF Allied Authenticated Key Exchange Protocol with Over-The-Air Enrollment
The Internet of Drones (IoD) is an emerging and crucial paradigm enabling advanced applications that require seamless, secure communication across heterogeneous and untrusted domains. In such environments, access control and the transmission of sensitive data pose significant security challenges fo...
CVE-2025-3301
DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of hardware and software support. A successful DPA attack may result in exposure of confidential information. The best practice is to u...
CVE-2025-3301 DPA Countermeasures Unavailable for Certain Cryptographic Operations on Series 2 Devices
DPA countermeasures are unavailable for ECDH key agreement and EdDSA signing operations on Curve25519 and Curve448 on all Series 2 modules and SoCs due to a lack of hardware and software support. A successful DPA attack may result in exposure of confidential information. The best practice is to u...
CVE-2025-3301
CVE-2025-3301 concerns DPA countermeasures being unavailable for ECDH key agreement and EdDSA signing on Curve25519 and Curve448 on all Series 2 modules and SoCs due to lack of hardware and software support. The consequence is potential exposure of confidential information if a DPA attack is succ...
Congressional Group Says Encryption Backdoors Are a Bad Idea
The Congressional Encryption Working Group released its year-end report that concluded that encryption backdoors do more harm than good. The 12-page report said that “any measure that weakens encryption works against the national interest.” The bipartisan congressional panel recommended that the...
Researchers Demonstrated How NSA Broke Trillions of Encrypted Connections
In 2014, we learned about the NSA's ability to break trillions of encrypted connections by exploiting common implementations of the Diffie-Hellman key exchange algorithm, thanks to classified documents leaked by ex-NSA employee Edward Snowden. At that time, computer scientists and...
USN-2912-1 libssh vulnerabilities
Mariusz Ziulek discovered that libssh incorrectly handled certain packets. A remote attacker could possibly use this issue to cause libssh to crash, resulting in a denial of service. CVE-2015-3146 Aris Adamantiadis discovered that libssh incorrectly generated ephemeral secret keys of 128 bits...
openssl security update
1.0.1e-34.7 - fix CVE-2014-3570 - incorrect computation in BN_sqr - fix CVE-2014-3571 - possible crash in dtls1_get_record - fix CVE-2014-3572 - possible downgrade of ECDH ciphersuite to non-PFS state - fix CVE-2014-8275 - various certificate fingerprint issues - fix CVE-2015-0204 - remove support f...
Twitter Implements Perfect Forward Secrecy
Twitter took another step toward not only securing the privacy of its users’ communication over the social network, but in warding off the prying eyes of government surveillance with the implementation of Perfect Forward Secrecy. The technology thwarts the efforts of anyone who may be collecting...
DEBIAN-CVE-2005-2643
Tor 0.1.0.13 and earlier, and experimental versions 0.1.1.4-alpha and earlier, do not reject certain weak keys when using ephemeral Diffie-Hellman (DH) handshakes, which allows malicious Tor servers to obtain the keys that a client uses for other systems in the circuit...