Enable HTTPS everywhere

SSL-Report for blog.muehlburger.at
SSL-Report for blog.muehlburger.at

Finally I finished to configure my HTTPS protocol support for blog.muehlburger.at. Supporting encrypted communication is an important part of the internet today. Everybody should support encrypted communication on the web. A good resource on how to select strong cypher suites and to configure your web server to support encryption properly is bettercrypto.org.

There is also a great video covering the current state of the art in crypto held by security researchers at 30C3:

I configured nginx to support encrypted communication exclusively for my WordPress installation. The PDF guide from bettercrypto.org was a great resource for selecting the cypher suits and some additional parameters.

If you would like to configure your nginx webserver and WordPress installation to support https just drop me a message. I am pleased to help you with my experiences.

(via A year in Crypto)

Public Key Infrastructure (PKI) – Secure Key Exchange – [video]

In public key infrastructures a common problem is that both communication partners have to have the same key in order communicate in a secure way (to encrypt and decrypt messages properly). The question is how is it practically possible to share a secret key over an untrusted channel like the internet for example. The solution is the use of asynchronous methods (public and private keys) in order to exchange the secret key in a secure way. In the following video Professor Christopher M. Bishop (Distinguished Scientist at Microsoft Research Cambridge) explains this method in a handy and understandable way to a group of children.

[youtube U62S8SchxX4]

The blue key in the video represents the secret (shared secret). The red key of Andy is his private key and the green key is the private key of Christopher. I guess the public keys are omitted in the video for didactical reasons. But the video demonstrates the key exchange in an easy to understand manner.

Reblog this post [with Zemanta]