Lightweight and Breach-Resilient Authenticated Encryption Framework for Internet of Things

The Internet of Things IoT relies heavily on resource-limited devices to communicate critical e.g., military data information under low-energy adversarial environments and low-latency wireless channels. Authenticated Encryption AE guarantees confidentiality, authenticity, and integrity, making it...

Extensible Post Quantum Cryptography Based Authentication

Cryptography underpins the security of modern digital infrastructure, from cloud services to health data. However, many widely deployed systems will become vulnerable after the advent of scalable quantum computing. Although quantum-safe cryptographic primitives have been developed, such as...

CVE-2023-33982

Bramble Handshake Protocol BHP in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden...

CVE-2023-33982

Bramble Handshake Protocol BHP in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden...

CVE-2023-33982

Bramble Handshake Protocol BHP in Briar before 1.5.3 is not forward secure: eavesdroppers can decrypt network traffic between two accounts if they later compromise both accounts. NOTE: the eavesdropping is typically impractical because BHP runs over an encrypted session that uses the Tor hidden...

CVE-2023-33982

Summary (CVE-2023-33982): Briar’s Bramble Handshake Protocol (BHP) in Briar versions prior to 1.5.3 is not forward secure. If an attacker later compromises both accounts, they can decrypt traffic between them. The vulnerability is tied to the BHP and is considered impractical to exploit in normal...