Machine learning has seen a remarkable rate of adoption in recent years across a broad spectrum of industries and applications. Many applications of machine learning techniques are adversarial in nature, insofar as the goal is to distinguish instances which are ``bad'' from those which are ``good''. Indeed, adversarial use goes well beyond this simple classification example: forensic analysis of malware which incorporates clustering, anomaly detection, and even vision systems in autonomous vehicles could all potentially be subject to attacks. In response to these concerns, there is an emerging literature on adversarial machine learning, which spans both the analysis of vulnerabilities in machine learning algorithms, and algorithmic techniques which yield more robust learning.

This page lists some good books recommended by current and past students for a variety of subjects related to the degree. Feel free to add books as you read them if they are relevant!

Oh no - catastrophic failure!

HackerOne Bounty is a continuous security program in which trusted hackers are incentivized to find critical vulnerabilities before they fall into the wrong hands. A Bounty program can be run privately (invite-only) or publicly (open for all) and is perfect for organizations looking for a security solution that keeps pace with an agile software development lifecycle.

README

Welcome to lagout.org !
If you want to make a copy of this website, go ahead, the server can handle the load !
If you think that the library should have new documents, tell us !

In most cryptographic functions, the key length is an important security parameter. Both academic and private organizations provide recommendations and mathematical formulas to approximate the minimum key size requirement for security. Despite the availability of these publications, choosing an appropriate key size to protect your system from attacks remains a headache as you need to read and understand all these papers.
This web site implements mathematical formulas and summarizes reports from well-known organizations allowing you to quickly evaluate the minimum security requirements for your system. You can also easily compare all these techniques and find the appropriate key length for your desired level of protection. The lengths provided here are designed to resist mathematic attacks; they do not take algorithmic attacks, hardware flaws, etc. into account.

Computoser uses an algorithm to generate music. Each generated track is a unique combination of tones, rhythm and instruments.
The algorithm is currently experimental - it may generate both good and bad pieces. Feel free to mark the ones you like and the ones you dislike, so that I know how to improve the algorithm.
The performance may sound a bit artificial - that's because it's synthesized music - a computer can hardly have the performance of a human musician.

The Zero Day Initiative (ZDI), founded by TippingPoint, is a program for rewarding security researchers for responsibly disclosing vulnerabilities. Depending on who you are, here are a few links to get you started:
Researchers: Learn how we pay for your vulnerability discoveries, register for the ZDI or login.
Vendors: Read our disclosure policy or join our security partner program
Press, Curiosity Seeker: Learn more about ZDI or read answers to some frequently asked questions
Please contact us at zdi [at] trendmicro [dot] com with any questions or queries. For sensitive e-mail communications, please use our PGP key.

Principal research engineer at Kudelski Security, PhD from EPFL and FHNW (2010). Presented at Black Hat, DEFCON, CCC, Troopers, SyScan, among other international conferences, I also blog and tweet.

Selected projects:

    Serious Cryptography (2017): book about crypto, published by No Starch Press
    SGX review (2016): research presented at Black Hat about Intel SGX
    The Hash Function BLAKE (2015): book about the hash function BLAKE, published by Springer
    NORX (2014): authenticated cipher candidate in the CAESAR competition
    Password Hashing Competition (2013-2015): open competition that selected Argon2 as a winner
    BLAKE2 (2013): hash function faster than SHA-2 and SHA-3, available in OpenSSL, Sodium, Crypto++, etc.
    Cryptography Coding Standard (2013-): coding rules to prevent common weaknesses in cryptography software
    SipHash (2012): keyed hash function, used in Linux, FreeBSD, OpenBSD, Python, among others

 HashKiller's purpose is to serve as a meeting place for computer hobbyists, security researchers and penetration testers. It serves as a central location to promote greater security on the Internet by demonstrating the weakness of using hash based storage / authentication.