Website Security Solutions | Latest Guides | Blog

Encryption vs Hashing: What’s the difference?

| #Articles

Both Encryption and Hashing are fundamental building blocks of cryptosystems. When it comes to best practices for storing credentials in your application however, best practice is largely driven by what you’re trying to do. There are a lot of well-meaning security professionals who elect an extremely dogmatic stance: “Encrypting passwords is bad! You must hash them”. This is usually true, except when … [read more →]

What Is SNI? Encrypted SNI (ESNI and ECH)

| #Articles

When a piece of server software wants to make itself available to clients via the network, it binds to a socket. A socket is simply the IP address and port combination the server software listens on for connections. (Most commonly server software chooses to listen on a particular port across all available network interfaces). What happens though if a particular server wants to serve multiple,… [read more →]

OpenSSL 1.1.1k Patches for Two High-Severity Vulnerabilities

| #News

A lot can be learned about SSL/TLS by analyzing real-world bugs and the ways in which vendors patch them. This past week OpenSSL 1.1.1k was released, which corrected two high severity bugs in the popular OpenSSL software. Specifically, CVE-2021-3450 and CVE-2021-3449 are considered to be “high” severity but not “critical” severity because while they are extremely impactful, they affect less common … [read more →]

What is SHA-256? How is Hashing used?

| #Articles

Next to encryption, hashing is perhaps the most important building block of modern cryptosystems. But what is a hash? Why is it important? How can some ways of computing a hash be better than others, and what makes a particular method suitable for cryptography? What is a hash? What do we use hashes for? What makes a hash suitable for cryptographic purposes? Testing it with OpenSSL … [read more →]

What is 256-bit Encryption? How long would it take to crack?

| #Articles

It is a peculiar thing to see, but more and more commonly terms of art make their way into the mainstream media. It seems that every week a new article about a vulnerability, cyberattack, or data breach makes its way into public discourse. One phrase used to give confidence in a strong encryption scheme is “256-bit encryption”, but what does this mean? What is Encryption? What is a Key Size? H… [read more →]