Christopher Meyer

About Christopher Meyer

Chris works as a researcher and is eagerly looking for bugs in SSL/TLS, the Java platform and various applications. In addition, he is primarily interested in secure coding and exploiting coding mistakes.

List/Grid Author Archives Subscribe to the RSS feed of Christopher Meyer

software-development-2-logo

Easter Hack: Even More Critical Bugs in SSL/TLS Implementations

It’s been some time since my last blog post – time for writing is rare. But today, I’m very happy that Oracle released the brand new April Critical Patch Update, ...
java-logo

How to use ECC with OpenJDK

Everyone who ever tried to use Elliptic Curve Cryptography (ECC) in Java with an OpenJDK was either forced to use Bouncy Castle or fumble with the SunEC provider. The SunEC provider ...
java-logo

Safely Create and Store Passwords

Nearly every time when it comes to user profiles it is necessary to manage user credentials and thus be able to create and store user passwords. It should be common practice to use ...
enterprise-java-logo

Browser-based Key Generation and interaction with the Browser’s Key/Certificate Store

Imagine the following scenario: You need to get a key (in the asymmetric case the user’s public key) from a user visiting your website and want the browser to remember the private ...
java-logo

Weaknesses in Java Pseudo Random Number Generators (PRNGs)

This will be a sum up of a Paper written by Kai Michaelis, Jörg Schwenk and me, which was  presented at the Cryptographers’ Track at RSA Conference 2013. You can get the slides ...
software-development-2-logo

A brief chronology of SSL/TLS attacks

I haven’t had a substantial post for quite a long time, so it’s time for something useful and interesting. Although not Java-specific, this post might still be interesting ...
java-logo

Hash Length Extension Attacks

In this post I will try to leave the summer slump behind and focus on more interesting things than complaining about the weather – hash length extension attacks. Hash length extension ...
software-development-2-logo

How to deal with {conservative, intractable, annoying} APIs

Have you ever been fighting with an, at least for your current purpose, inflexible API? I picked up one of the trickier scenarios – calling super( … ) with parameters. Sometimes ...
java-logo

Using the final keyword on method parameters

After some own confusion which specific meaning final declared method parameters have this blog entry will try to clarify this. At least the final keyword on method parameters can ...
java-logo

Investigating the HashDoS issue

Nearly one month ago I have written some thoughts on how the HashDoS problem presented at the 28C3 or other code defects could perhaps be fixed temporarily without interaction of vendors. Now ...
12
Java Code Geeks and all content copyright © 2010-2014, Exelixis Media Ltd | Terms of Use
All trademarks and registered trademarks appearing on Java Code Geeks are the property of their respective owners.
Java is a trademark or registered trademark of Oracle Corporation in the United States and other countries.
Java Code Geeks is not connected to Oracle Corporation and is not sponsored by Oracle Corporation.

Sign up for our Newsletter

15,153 insiders are already enjoying weekly updates and complimentary whitepapers! Join them now to gain exclusive access to the latest news in the Java world, as well as insights about Android, Scala, Groovy and other related technologies.

As an extra bonus, by joining you will get our brand new e-books, published by Java Code Geeks and their JCG partners for your reading pleasure! Enter your info and stay on top of things,

  • Fresh trends
  • Cases and examples
  • Research and insights
  • Two complimentary e-books
Get tutored by the Geeks! JCG Academy is a fact... Join Now
Hello. Add your message here.