We have just completed our review of OpenSSL 1.1.1 with QuarksLab, and we are moving on to our next big project, Unbound DNS!
What is Unbound and Why is it Important?
One of the core functions of the internet is domain name resolution. This means that when you type in a domain name like ostif.org
We would like to thank our sponsors Private Internet Access and DuckDuckGo for helping to fund this security review, as well as all of our donors and individual supporters. This crucial work doesn't happen without support from the community.
The quick and dirty:
OpenSSL version 1.1.1 was evaluated with special foci on new TLS 1.3 features
We have completed the security review of the new Pseudorandom Number Generator (PRNG) for OpenSSL 1.1.1.
This security review was sponsored by Private Internet Access, ExpressVPN, DuckDuckGo, OpenVPN, and the privacy community.
Random number generation is a crucial component in all cryptography, because the randomness of numbers is the mechanism that makes secret numbers hard to
The Kudelski Security review of Monero Bulletproofs is Complete - Here are the Results!
The quick and dirty:
Kudelski Security has done a review of Monero Bulletproofs, a specific type of range proof based on new cryptography by Benedikt Bunz et al. Bulletproofs is a trustless proofs setup that is substantially smaller than the current Borromean
OSTIF is Working with Monero Research Lab on Bulletproofs
We are happy to announce that we have been working with the Monero project to help them locate auditing resources for Bulletproofs. This code review is to evaluate the safety of the implementation of Bulletproofs into Monero, which promises to dramatically reduce transaction sizes for Monero,
OSTIF is proud to announce that we have come to an agreement to fully fund an audit of VeraCrypt. Using funds that were donated by DuckDuckGo and VikingVPN, we plan to hire QuarksLab to go over the code and search for vulnerabilities and backdoors.
VeraCrypt is a crucial piece of open-source software that can encrypt