We would like to thank our sponsors Private Internet Access and DuckDuckGo for helping to fund this security review, as well as all of our donors and individual supporters. This crucial work doesn’t happen without support from the community. The quick and dirty: OpenSSL version 1.1.1 was evaluated with special foci on new TLS…
It has been a while since we have done a round of updates on what we are working on. We have a number of projects that are currently active and more starting up. Throughout 2019 we expect to finish more than twice as many total projects and to continue with…
Bulletproofs are a specific type of range proof based on new cryptography by Benedikt Bunz et al. Bulletproofs are a trustless proofs setup that are substantially smaller than the current Borromean style range proofs that were previously used, which reduces the size of Monero transactions by 80-90%. Monero’s latest network update,…
We have completed the security review of the new Pseudorandom Number Generator (PRNG) for OpenSSL1.1.1. This security review was sponsored by Private Internet Access, ExpressVPN, DuckDuckGo, OpenVPN, and the privacy community. Random number generation is a crucial component in all cryptography, because the “randomness” of numbers is the mechanism that makes secret numbers hard to guess. Problems…
The Audit of OpenVPN is Complete We have confirmed with QuarksLab that the security review of OpenVPN 2.4.0 is complete, and that they are now documenting the results. The process will then proceed as follows: QuarksLab will securely give these results to the OpenVPN security team on April 7th. The…
OSTIF is proud to announce that we have come to an agreement to fully fund an audit of VeraCrypt. Using funds that were donated by DuckDuckGo and VikingVPN, we plan to hire QuarksLab to go over the code and search for vulnerabilities and backdoors. VeraCrypt is a crucial piece of…