Best of Cryptography 2025

  1. Article
    Community Picks · 44w

    Your Ultimate MCP Server Hub

    MCPHub is a unified management platform that consolidates multiple Model Context Protocol (MCP) servers into a single Server-Sent Events (SSE) endpoint. It provides a dashboard for monitoring server status and simplifies infrastructure management for AI applications. The tool can be quickly deployed using Docker and allows customization through JSON configuration files.

  2. Article
    Kirupa · 1y

    Hash Functions Deep Dive

    Hash functions are essential for efficient data storage and retrieval, password verification, file integrity checking, and digital signatures. This deep dive explains the fundamentals of hash functions, their inputs and outputs, and the criteria that make a good hash function. It also demonstrates how to create a simple hash function in JavaScript and improves it using position weighting. The importance of using existing, well-designed hash functions like MD5 and SHA for critical purposes is emphasized.

  3. Article
    Tiger's Place · 1y

    How to store external API keys securely

    Learn how to store external API keys securely using encryption techniques. The post covers binary data fundamentals, cryptography basics, key generation and management, the encryption and decryption processes, and crucial security considerations. Implementing encryption at rest ensures the API keys remain secure, and steps are provided to avoid common security mistakes.

  4. Video
    LaurieWired · 1y

    2025 Computer Science Predictions

    Predictions for 2025 include increased adoption of RISC-V in major Linux distributions, quantum-resistant cryptographic algorithms by NIST, the continued rise of memory-safe programming languages like Rust and Go, and emerging trends in AI-generated content and background music. Moreover, expectations include the use of AI upscaling in streaming and LLMs' impact on decompiler tools and NPC interactions in gaming.

  5. Article
    OpenSouls · 31w

    UUIDv47

    UUIDv47 is a library that enables reversible transformation between UUIDv7 (time-ordered) and UUIDv4 (random-appearing) formats. It allows developers to hide time-ordering from external APIs while maintaining internal chronological benefits, using the cryptographically secure SipHash-2-4 algorithm with high performance and zero dependencies.

  6. Article
    All Things Distributed · 22w

    Tech predictions for 2026 and beyond

    Five major technology predictions for 2026 and beyond: companion robots will combat the global loneliness epidemic through emotional AI, particularly for elderly and pediatric care; developers will evolve into renaissance polymaths who combine technical skills with domain expertise as AI handles code generation; quantum computing advances are compressing security timelines, requiring immediate post-quantum cryptography deployment across infrastructure; defense technology innovation cycles are accelerating from decades to years, with dual-use systems reaching civilian applications faster; and AI-powered personalized education will democratize one-on-one tutoring at scale, adapting to individual learning styles while freeing teachers from administrative tasks.

  7. Article
    Mohd Shamoon · 37w

    Building My Own Enigma Machine Simulator

    A developer built a full-stack Enigma machine simulator using React, TypeScript, and Express.js with MongoDB. The project recreates the historic WWII encryption device with features like symmetric encryption/decryption, custom machine generation via seed and email, and an interactive UI with rotor and plugboard simulation. The implementation includes both frontend visualization and backend API handling, demonstrating cryptographic principles while serving as an educational tool.

  8. Article
    Node.js · 33w

    Node.js

    Node.js v24.8.0 introduces HTTP/2 network inspection support in Chrome DevTools, allowing developers to track HTTP/2 calls during debugging. The release includes significant cryptography enhancements with support for Ed448, ML-DSA, KMAC, Argon2, and SLH-DSA algorithms in both node:crypto and Web Cryptography APIs. Additional improvements include CPU profiling APIs for worker threads, various bug fixes across modules like assert, fs, and streams, and dependency updates including npm 11.6.0.

  9. Article
    WebDev · 32w

    UUIDv47

    UUIDv47 is a library that enables reversible transformation between UUIDv7 (time-ordered) and UUIDv4 (random-appearing) formats. It allows developers to hide time-ordering from external APIs while maintaining internal chronological benefits, using the cryptographically secure SipHash-2-4 algorithm with high performance and zero dependencies.

  10. Article
    freeCodeCamp · 1y

    The Cryptography Handbook: Exploring RSA PKCSv1.5, OAEP, and PSS

    The post delves into the intricacies of the RSA algorithm, tracing its evolution from its introduction in 1978 to addressing vulnerabilities discovered over the years. It explains the mathematical principles underlying RSA, various types of attacks that have been identified, and the implementation of countermeasures such as different padding schemes (PKCS#1 v1.5, OAEP) and digital signature protocols (PSS). The discussion highlights the importance of proper implementation to maintain security, including the transition to optimal asymmetric encryption padding (OAEP) and probabilistic signature schemes (PSS) to prevent modern cryptographic attacks.

  11. Article
    Node.js · 23w

    Node.js — Node.js v25.2.1 (Current)

    Node.js v25.2.1 has been released, reverting a spec-compliant behavior change that threw errors on localStorage access. The team determined this breaking change was too disruptive for a semver-minor release and postponed it to version 26.0.0. The release includes fixes for RSA-PSS saltLength defaults in crypto, a V8 backport, and clarifications on the experimental status of Web Storage support.

  12. Article
    Nestjs Developers · 31w

    UUIDv47

    UUIDv47 is a library that enables reversible transformation between UUIDv7 (time-ordered) and UUIDv4 (random-appearing) formats. It allows developers to hide time-ordering from external APIs while maintaining internal chronological benefits, using the cryptographically secure SipHash-2-4 algorithm with high performance and zero dependencies.

  13. Article
    Tech Lead Digest · 45w

    The Ultimate Guide to JWT Vulnerabilities and Attacks (with Exploitation Examples)

    JWT vulnerabilities pose serious security risks in modern web applications. Common attacks include signature bypass, algorithm confusion (switching from RS256 to HS256), weak secret brute-forcing, and injection attacks through header parameters like 'kid' and 'jku'. The guide covers exploitation techniques for each vulnerability type, from trivial signature removal to sophisticated ECDSA psychic signature attacks. Key defense strategies include strict algorithm validation, secure key management, input sanitization, and proper signature verification implementation.

  14. Article
    Cloudflare · 50w

    Forget IPs: using cryptography to verify bot and agent traffic

    As the distinction between malicious and beneficial bots becomes blurred due to increased AI traffic, Cloudflare proposes using cryptographic methods to authenticate bots. This approach includes HTTP message signatures and request mTLS to verify bot identity. These methods aim to replace outdated IP address validation, providing a reliable way for bots to declare their identity. Both mechanisms are explored, with the potential to integrate them into broader bot management and AI audit systems, aimed at enhancing both security and traffic control for websites.

  15. Article
    .NET Blog · 23w

    Post-Quantum Cryptography in .NET

    .NET 10 introduces post-quantum cryptography support with four new algorithms: ML-KEM, ML-DSA, SLH-DSA, and Composite ML-DSA. The implementation breaks from the traditional AsymmetricAlgorithm base class pattern, introducing a new design where instances represent keys rather than algorithms, with improved disposal semantics and extensive use of the Template Method Pattern. The new classes minimize code duplication in derived types, use Span-based APIs for performance, and include platform-specific implementations for Windows (CNG) and Linux (OpenSSL 3.5+). Integration extends to X.509 certificates, TLS 1.3, SignedCms, and COSE, though some methods remain experimental pending final specification publication.

  16. Article
    freeCodeCamp · 42w

    What Are JSON Web Tokens (JWT)?

    JSON Web Tokens (JWT) are digitally signed, self-contained tokens used for secure authentication between systems. JWTs consist of three parts: header (metadata), payload (claims/data), and signature (verification). They can be signed using symmetric algorithms like HS256 with shared secrets or asymmetric algorithms like RS256 with public/private key pairs. The signature ensures authenticity and integrity without requiring server-side session storage. Key security practices include using HTTPS, keeping tokens short-lived, implementing refresh tokens, protecting signing keys, and never storing sensitive data in the payload.

  17. Article
    System Design Codex · 33w

    JWT versus PASETO

    JWT and PASETO are both token-based authentication mechanisms for secure client-server communication. JWT is widely adopted but has security pitfalls like algorithm confusion attacks and complex configuration choices. PASETO was designed as a safer alternative with secure defaults, enforced modern cryptography, and simplified specifications to prevent developer errors. While JWT has better ecosystem support and adoption, PASETO offers improved security through its opinionated approach that removes insecure options.

  18. Article
    Community Picks · 1y

    SSE (server sent events) is fun / Go

    The post describes building a live counter for a popular interior design quiz, using Server-Sent Events (SSE) to track user presence and quiz results and to broadcast messages, with efficient use of Go and Redis and a thoughtful UI design. The approach emphasizes simplicity, scalability, and practical solutions for persistent connections and event handling.

  19. Article
    Planet Python · 1y

    The Absolute Minimum Every Python Web Application Developer Must Know About Security

    When developing Python web applications, it's essential to follow basic security principles: never store passwords in plain text, always use salted hashes or delegate password management to modern frameworks, and ensure data is encrypted both in transit and at rest. The Defence in Depth approach emphasizes multiple layers of security, including the use of TLS for network security and understanding cryptography algorithms. The guide also covers important security principles, the OWASP Top Ten vulnerabilities, and the CVE warning system.

  20. Article
    Milan Jovanović · 1y

    Implementing AES Encryption With C#

    Learn how to implement AES encryption in .NET with practical code examples for both encryption and decryption. Understand the differences between symmetric and asymmetric encryption, and get insights into secure key management and best practices for protecting sensitive data like API keys and database credentials.

  21. Article
    DEV · 33w

    FestFund: Private Contributions & Public Recognition - A Zero-Knowledge Fundraising Solution

    FestFund is a fundraising platform that uses zero-knowledge proofs to enable private donations while maintaining public transparency. Built on Midnight Network, it allows donors to contribute anonymously while still providing verifiable leaderboards and milestone tracking. The platform reduces ZK proof generation time from 418ms to 1ms and includes features like cryptographic commitments, nullifier protection, and transparent accountability without exposing individual donation amounts.

  22. Article
    Golang Weekly · 25w

    Golang Weekly Issue 577: November 5, 2025

    Go 1.21+ enables reproducible builds with byte-for-byte identical outputs, now with independent third-party verification for enhanced security. The Dolt database demonstrates dependency management patterns for large Go projects with 762k lines of code. Claude Code successfully debugged complex low-level cryptography issues in an ML-DSA post-quantum signature implementation. Recent releases include Crush 0.15 AI coding agent, Vitess 23.0 MySQL scaling system, and Lazygit 0.56 terminal UI.

  23. Article
    System Weakness · 1y

    Basics of cryptography ( Part1 )

    Cryptography converts readable text into unreadable ciphertext using encryption methods. Three main types include symmetric encryption (same key for encryption/decryption), asymmetric encryption (public/private key pairs), and hashing (one-way transformation for data integrity). Practical examples and websites for implementing these methods are provided.

  24. Article
    DevBlogs · 37w

    Go 1.25.0-1 Microsoft build now available

    Microsoft released Go 1.25.0-1 with system-provided cryptography enabled by default (OpenSSL on Linux, CNG on Windows) and introduced opt-out telemetry collection. The build aligns with Microsoft's security policies but may require action for Linux builds without cgo or distroless containers. Users can disable systemcrypto via GOEXPERIMENT=nosystemcrypto and telemetry via MS_GOTOOLCHAIN_TELEMETRY_ENABLED=0.

  25. Article
    Go · 49w

    Go Cryptography Security Audit

    The Go programming language underwent a security audit by Trail of Bits, focusing on its cryptography packages. The audit highlighted one low-severity issue and several informational findings, primarily concerning timing side-channels and memory management in the legacy Go+BoringCrypto integration. The Go team has addressed these issues in the upcoming Go 1.25 version. The audit validates Go's commitment to developing robust cryptographic libraries, with future plans to enhance post-quantum cryptography and simplify high-level cryptography APIs.