Data diodes provide physically guaranteed one-way communications in computer networks. Data diodes can be built using commercial off the shelf components, such as by disconnecting the receive end of a fiber transceiver. Several dedicated appliances are also available. Traditionally, data diodes have been used in high security settings, such as military or industrial control systems. Data diodes might also have a place in other industries, such as health care or finance, especially to transmit logs, analytics, usage, or billing information.
Shorts posts for your enjoyment.
Web security October 13, 2023
I noticed my various infosec-related channels have been talking a lot about Passkeys lately. Are they going to replace passwords? Is it a loss of user control? These are very good and excelllent questions. Adam Langley wrote an excellent blog post. If you also have Passkeys on your mind, start by reading Adam’s post.
Cryptography October 02, 2023
I tooted the following puzzle:
Do you teach cryptography? If yes, ask your students to design a protocol for two people to play a cards game over the internet (eg Uno, Gin Rummy, Go fish or whatever). The protocol should be trustless so the players don’t have to rely on a centralized server to deal cards and players shouldn’t be able to peek at the deck unless the game rule allows it.
Give extra points to students who come up with simpler protocols, formal proofs, or an actual implementation.
Newsletter August 20, 2023
9+ years later, Cryptopals remains a tremendously valuable tool for learning about cryptography by working on practical pieces of code. Cryptopals is a collection of 8 sets of challenges, starting very gently and ending with some non-trivial problems. By working through these challenges you will implement various cryptosystems and well known attacks.