An inherent security risk that I discovered within the remote RPC serialization endpoints of several emerging blockchains.
2023年终总结
A cloud gaming solution by Parsec.
Analyse CVE-2022-21449 by diving into the source code.
Notes
Timing attack that turns infeasible into feasible.
行程卡接口安全测试
Pressure: a toy private set intersection challenge
Notes
Several attacks on the state machines of IM softwares
Lazy STEK: TLS Pre-shared keys + AES-GCM forbidden attack
2021年终总结