"The 'except by brute force' part of 'a hash function cannot be inverted except by brute force' is often neglected"
The post Google Crypto Expert Exposes Trio of AWS Encryption Bugs appeared first on Computer Business Review.
Amazon has updated its S3 encryption client after a cryptographic expert at Google identified three security vulnerabilities in how it secures content in S3 buckets. These included two bugs in its software development kit (SDK), earning her a brace of rare CVEs against the hyperscaler: CVE-2020-8912 and CVE-2020-8911.
Among Dr Sophie Schmieg’s trio of finds was one dubbed by security colleague Thai Duong as “one of the coolest crypto exploits in recent memory”. ...
Support the originator by clicking the read the rest link below.
