πŸ”’
There are new articles available, click to refresh the page.
Yesterday β€” 26 May 2022NCC Group Research

Public Report – go-cose Security Assessment

26 May 2022 at 17:15

In April and May 2022, NCC Group Cryptography Services engaged in a security and cryptography assessment reviewing Microsoft’s contributions to theΒ go-cose library, a Go library implementing signing and verification for CBOR Object Signing and Encryption (COSE), as specified inΒ RFC 8152. This library focuses on a minimal feature set to enable the signing and verification of COSE messages using a single signer, aka β€œsign1”. The purpose of this assessment was to identify cryptographic vulnerabilities and application-level security issues that could adversely affect the security of the go-cose library.

The Public Report for this review may be downloaded below:

  • There are no more articles
❌