Christopher Meyer

About Christopher Meyer

Chris works as a researcher and is eagerly looking for bugs in SSL/TLS, the Java platform and various applications. In addition, he is primarily interested in secure coding and exploiting coding mistakes.

List/Grid Author Archives Subscribe to the RSS feed of Christopher Meyer

software-development-2-logo

Easter Hack: Even More Critical Bugs in SSL/TLS Implementations

It’s been some time since my last blog post – time for writing is rare. But today, I’m very happy that Oracle released the brand new April Critical Patch Update, ...
java-logo

How to use ECC with OpenJDK

Everyone who ever tried to use Elliptic Curve Cryptography (ECC) in Java with an OpenJDK was either forced to use Bouncy Castle or fumble with the SunEC provider. The SunEC provider ...
java-logo

Safely Create and Store Passwords

Nearly every time when it comes to user profiles it is necessary to manage user credentials and thus be able to create and store user passwords. It should be common practice to use ...
enterprise-java-logo

Browser-based Key Generation and interaction with the Browser’s Key/Certificate Store

Imagine the following scenario: You need to get a key (in the asymmetric case the user’s public key) from a user visiting your website and want the browser to remember the private ...
java-logo

Weaknesses in Java Pseudo Random Number Generators (PRNGs)

This will be a sum up of a Paper written by Kai Michaelis, Jörg Schwenk and me, which was  presented at the Cryptographers’ Track at RSA Conference 2013. You can get the slides ...
software-development-2-logo

A brief chronology of SSL/TLS attacks

I haven’t had a substantial post for quite a long time, so it’s time for something useful and interesting. Although not Java-specific, this post might still be interesting ...
java-logo

Hash Length Extension Attacks

In this post I will try to leave the summer slump behind and focus on more interesting things than complaining about the weather – hash length extension attacks. Hash length extension ...
software-development-2-logo

How to deal with {conservative, intractable, annoying} APIs

Have you ever been fighting with an, at least for your current purpose, inflexible API? I picked up one of the trickier scenarios – calling super( … ) with parameters. Sometimes ...
java-logo

Using the final keyword on method parameters

After some own confusion which specific meaning final declared method parameters have this blog entry will try to clarify this. At least the final keyword on method parameters can ...
java-logo

Investigating the HashDoS issue

Nearly one month ago I have written some thoughts on how the HashDoS problem presented at the 28C3 or other code defects could perhaps be fixed temporarily without interaction of vendors. Now ...
12
Java Code Geeks and all content copyright © 2010-2014, Exelixis Media Ltd | Terms of Use | Privacy Policy
All trademarks and registered trademarks appearing on Java Code Geeks are the property of their respective owners.
Java is a trademark or registered trademark of Oracle Corporation in the United States and other countries.
Java Code Geeks is not connected to Oracle Corporation and is not sponsored by Oracle Corporation.
Do you want to know how to develop your skillset and become a ...
Java Rockstar?

Subscribe to our newsletter to start Rocking right now!

To get you started we give you two of our best selling eBooks for FREE!

Get ready to Rock!
You can download the complementary eBooks using the links below:
Close