
Cryptography & Security Newsletter

59

Testing of delegated credentials begins

28 November 2019

Feisty Duck’s Cryptography & Security Newsletter is a periodic dispatch bringing you commentary and news surrounding cryptography, security, privacy, SSL/TLS, and PKI. It's designed to keep you informed about the latest developments in this space. Enjoyed every month by more than 50,000 subscribers. Written by Hanno Böck.

Delegated credentials is a TLS feature currently in development that allows a server to temporarily delegate authentication of its TLS connections to a different public/private key pair. Cloudflare, Facebook, and Mozilla are currently running experiments with this feature in practice.

The idea of delegated credentials is that the key behind a TLS certificate signs a special temporary key, which is then allowed to sign TLS handshakes for the corresponding host. The credential acts as a kind of intermediate certificate.

The background is that companies sometimes want to store their private key in a more secure location, but obtaining a signature from that location for every handshake adds latency. One such use case is the Keyless SSL feature that Cloudflare introduced some years ago. Cloudflare was directly involved in the development of delegated credentials.

Right now, the standard exists only as a draft. To use delegated credentials, the server's certificate must carry a special extension; for the experiments run by Cloudflare and Facebook, these certificates have been provided by DigiCert.

Firefox has implemented initial support in its NSS library and the nightly releases of Firefox. Mozilla is also running a telemetry experiment to gather experience with the new feature.
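As an added illustration (not code from the draft, from NSS, or from any deployment named here), a Go model of the delegation chain described above: the certificate's long-term key signs a temporary key together with its expiry, and the client accepts a handshake only if that credential is unexpired, was signed by the certificate key, and the handshake signature verifies under the temporary key. Assumptions: Ed25519 stands in for the certificate key, and the credential encoding is a made-up simplification (the real draft also binds the credential to the end-entity certificate and its signature algorithm), while the context string and the seven-day validity cap are taken from the draft.

```go
package main
import (
	"bytes"
	"crypto/ed25519"
	"encoding/binary"
	"errors"
	"time"
)

// Context string and seven-day cap are the draft's; the credential encoding below is a simplified model.
const dcContext = "TLS, server delegated credentials"
const maxValidity = 7 * 24 * time.Hour
// The temporary public key and its expiry, signed by the certificate's long-term key.
type DelegatedCredential struct {
	ValidUntil time.Time
	PubKey     ed25519.PublicKey
	Signature  []byte
}

// Bytes the certificate key signs: 64 spaces, context string, zero byte, expiry, delegated public key.
func dcToBeSigned(validUntil time.Time, pub ed25519.PublicKey) []byte {
	buf := append(bytes.Repeat([]byte{0x20}, 64), dcContext...)
	buf = append(buf, 0x00) // separator between context and credential body
	var expiry [8]byte
	binary.BigEndian.PutUint64(expiry[:], uint64(validUntil.Unix()))
	return append(append(buf, expiry[:]...), pub...)
}

// Delegate runs wherever the long-term key lives; it refuses validity beyond the seven-day cap.
func Delegate(certPriv ed25519.PrivateKey, dcPub ed25519.PublicKey, now, validUntil time.Time) (DelegatedCredential, error) {
	if validUntil.Sub(now) > maxValidity {
		return DelegatedCredential{}, errors.New("validity exceeds the seven-day maximum")
	}
	sig := ed25519.Sign(certPriv, dcToBeSigned(validUntil, dcPub))
	return DelegatedCredential{ValidUntil: validUntil, PubKey: dcPub, Signature: sig}, nil
}

// VerifyHandshake is the client side: unexpired credential, signed by the certificate key, then the handshake signature under the delegated key.
func VerifyHandshake(certPub ed25519.PublicKey, dc DelegatedCredential, now time.Time, transcript, sig []byte) error {
	if now.After(dc.ValidUntil) {
		return errors.New("delegated credential expired")
	}
	if !ed25519.Verify(certPub, dcToBeSigned(dc.ValidUntil, dc.PubKey), dc.Signature) {
		return errors.New("credential not signed by the certificate key")
	}
	if !ed25519.Verify(dc.PubKey, transcript, sig) {
		return errors.New("handshake signature invalid under delegated key")
	}
	return nil
}
```

Exercise it by generating two Ed25519 key pairs, calling Delegate with the first private key and the second public key, signing a transcript with the second private key, and passing everything to VerifyHandshake; an expiry check with a later clock, or a different certificate public key, must make verification fail.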


Short News

  • In two blog posts, Cloudflare and Google developer Adam Langley each reported their experiences with post-quantum key exchange algorithms in TLS. Google and Cloudflare started implementing combined elliptic curve and post-quantum key exchanges in their servers and the Chrome browser in January.
  • Cloudflare published cfnts, a Rust-based implementation of the Network Time Security protocol (NTS).
  • Eric Lawrence explained in a blog post that browsers are working on deprecating the unencrypted FTP protocol and in particular that Chrome 80 will completely remove FTP support next year.
  • In a series of tweets, Colm MacCárthaigh looked back at the renegotiation attack against TLS ten years ago.
  • Microsoft Azure now offers free TLS certificates for custom domains in Azure App Service.
  • OpenSSL published a blog post about plans for the upcoming version 3.0.
  • Researchers have pointed out a problem with timestamps in eIDAS digital certificates, which goes against Estonian law.
  • Firo Solutions reported a heap buffer overflow it discovered in wolfSSL.
  • Microsoft announced plans to support DNS over HTTPS (DoH) in Windows.
  • Neal Koblitz and Alfred Menezes published a paper discussing practical failures of cryptographic proofs.
  • The TPM-Fail attack shows timing side-channels in elliptic curve operations of TPM chips. The vulnerable chips had certifications from Common Criteria and FIPS that failed to detect these weaknesses.

