Debricked
2019-04-12
On the Difficulty of Generating Randomness
Random number generation Random numbers are used in a plethora of cryptographic applications. A random number generator (RNG) is a device that generates a sequence of numbers such that they can not be predicted better than guessing. There are two different types of random number generators —[…]
2019-01-10
CTF: JSON Web Tokens (JWT)
Vulnerabilities in JWT libraries JSON Web Tokens (JWTs) are commonly used for authorization purposes, since they provide a structured way to describe a token which can be used for access control. However, JWT libraries may contain flaws, and must be used in the correct way. The Capture[…]
2018-12-19
CTF: Repeated keystream
The problems with repeated keystream in stream ciphers Repeated keystream can sometimes be devastating when using stream ciphers. The Capture the Flag event co-organized by Debricked at Lund University included examples of this problem. Stream ciphers try to mimic the One Time Pad (OTP), but without the[…]
2018-12-12
Capture the Flag event with Debricked and Lund University
CTF-Event with Lund University Debricked, in cooperation with the Department of Electrical and Information Technology, Lund University, hosted a Capture the Flag (CTF) competition for students at the university. The event attracted more than 50 students from 8 different programs, forming in total 17 teams. The evening[…]
2018-11-28
Debricked receives Vinnova funding for prototype
Debricked has received 800.000 SEK from Vinnova for building a prototype that will improve management and understanding of vulnerabilities in third party code. The prototype will use Debricked’s vulnerability database, extend it and provide value creation in several important aspects. Some examples include visualization and comparison of[…]
2018-11-25
Introducing Debricked
Debricked AB is a spin off company from a research project coordinated by Lund University, Sweden. The project’s main goal was to develop, implement and evaluate processes and tools for handling vulnerabilities in third party software components. This is related to the well known area of software[…]
Recent Comments