Working on a Crypto Best Practices Knowledge Base with JHU

Update:  I just found out that Cisco has fully funded through a gift grant the Cryptographic Knowledge Base that will be managed and overseen by Johns Hopkins University and specifically Seth Nielson and Matthew Green.  I am honored to be working with the best of the best in the Crypto Community in the design and implementation … More Working on a Crypto Best Practices Knowledge Base with JHU

Starting a Nonprofit

Update: We settled on a name League of Women in Cybersecurity.  Check out our website: https://LoWiCys.org. I’m super excited about co-founding a nonprofit in the RTP area that will be dedicated to training women in cybersecurity.  It will be hands-on training using open source tools.    We had our first meeting last Wednesday and the room … More Starting a Nonprofit

Recommended TLS Ciphers

Use: TLS v1.1 and 1.2 Avoid: TLSv1.0 or lower or SSLv3 or lower TLS Recommended Ciphers: TLS_ECDHE_RSA_WITH_AES_128_CBC_SHA TLS_ECDHE_RSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_CBC_SHA384 TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256 TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384 Avoid the following ciphers: TLS_DHE_RSA_WITH_AES_128_CBC_SHA TLS_DHE_RSA_WITH_AES_256_CBC_SHA TLS_DHE_RSA_WITH_AES_128_CBC_ SHA256 TLS_DHE_RSA_WITH_AES_256_CBC_ SHA256 Note: The above DHE ciphers are safe to use only if dh group 14 (2048 bit) key sizes are being used … More Recommended TLS Ciphers

SSH Algorithms to Use

For SSHv2 key exchange: Recommended: diffie-hellmann-group14-sha1 (2048 bit) for SSH key exchange Allowed:  ecdh-sha2-nistp256, ecdh-sha2-nistp384, and ecdh-sha2-nistp521 Avoid: diffie-hellman-group1-sha1 (768 bit),diffie-hellman-group2-sha1 (1024 bit) dh group 1 should not be used based on this research paper “Imperfect Forward Secrecy: How Diffie-Hellman Fails in Practice.”  In addition, dh group 2 and below are susceptible to the logjam attack. … More SSH Algorithms to Use