Perfect Forward Secrecy is a security feature used in encrypted communications. It ensures that if someone gets access to the encryption keys used today, they still cannot read past conversations. This is because each session uses a unique, temporary key that is not stored after the session ends. Even if a server’s long-term private key…
Secure key exchange is the process of safely sharing secret cryptographic keys between two parties over a potentially insecure channel. This ensures that only the intended participants can use the key to encrypt or decrypt messages, even if others are listening in. Techniques like Diffie-Hellman and RSA are commonly used to achieve this secure exchange,…
OCSP Stapling is a method used to check if a website’s SSL certificate is still valid without each visitor having to contact the certificate authority directly. Instead, the website server periodically gets a signed response from the certificate authority and ‘staples’ this proof to its SSL certificate during the connection process. This makes the process…
A Certificate Revocation List (CRL) is a list published by a certificate authority that shows which digital certificates are no longer valid before their scheduled expiry dates. Certificates can be revoked for reasons such as compromise, loss, or misuse of the private key. Systems and users check CRLs to ensure that a certificate is still…
TLS handshake optimisation refers to improving the process where two computers securely agree on how to communicate using encryption. The handshake is the first step in setting up a secure connection, and it can add delay if not managed well. By optimising this process, websites and applications can load faster and provide a smoother experience…
Secure protocol design is the process of creating rules and procedures that allow computers and devices to communicate safely over a network. This involves making sure that information is protected from eavesdropping, tampering, or unauthorised access while being sent from one place to another. The design must consider possible threats and ensure that communication remains…
Token Binding is a security technology that helps to prevent certain types of attacks on web sessions. It works by linking a security token, such as a session cookie or authentication token, to a specific secure connection made by a user’s browser. This means that even if someone tries to steal a token, it cannot…
JSON Web Tokens (JWT) are a compact and self-contained way to transmit information securely between parties as a JSON object. They are commonly used for authentication and authorisation in web applications, allowing servers to verify the identity of users and ensure they have permission to access certain resources. The information inside a JWT is digitally…
Atomicity in cross-chain swaps means that two people can exchange digital assets between different blockchains in a way that ensures either both sides of the swap happen or nothing happens at all. This prevents one party from losing their assets without receiving anything in return. Atomicity is crucial for trustless trading, as it removes the…
Decentralised key recovery is a method for helping users regain access to their digital keys, such as those used for cryptocurrencies or secure communication, without relying on a single person or organisation. Instead of trusting one central entity, the responsibility for recovering the key is shared among several trusted parties or devices. This approach makes…