The encryption codes that safeguard internet data today won´t be secure forever.
Future quantum computers may have the processing power and algorithms to crack them.
Nathan Hamlin, instructor and director of the WSU Math Learning Center, is helping to prepare for this eventuality.
He is the author of a new paper in the Open Journal of Discrete Mathematics that explains how a code he wrote for a doctoral thesis, the Generalized Knapsack Code, could thwart hackers armed with next generation quantum computers.
Google, Microsoft and Mozilla say they won´t trust anyone who hasn´t migrated.
One in five websites (21 per cent) are still using certificates signed with the vulnerable SHA-1 hash algorithm, according to a new survey.
Reliance on the obsolete hashing technology leaves companies at greater risk of security breaches and compliance problems, certificate management firm Venafi warns.
Venafi´s latest study shows there has been improvement since November 2016, when a third (35 per cent) of websites were still using SHA-1.
No Need to Panic, Cryptographers Say; Just Wait for NIST Guidance
There´s good news for anyone worried about the rise of quantum computers and the risk that they could be used to crack modern, public-key crypto systems, thus imperiling the security of much of today´s data, both in transit and at rest. Leading cryptographers advise: Don´t panic, and above all, don´t do anything about it right now.
This year´s RSA Conference, which was held Feb. 13-17 in San Francisco, saw more than 43,000 attendees show up to listen to speakers and to learn from vendors about the latest security trends, products and services. Among the annual traditions at the RSA Conference is the Cryptographers Panel, which includes Ron Rivest (the "R" in RSA) and Adi Shamir (the "S" in RSA). The cryptographers are not particularly enthusiastic about the modern state of security, with Shamir claiming that the internet as we know it is broken. Also at the conference, former U.S. National Security Agency (NSA) chief Gen. Keith Alexander talked about how the cloud can help enable a common defense for organizations of all sizes. Meanwhile at a VIP event at the RSA Conference, Michael Dell, CEO of Dell Technologies, spoke about new innovations from RSA as well his company´s broader approach to securing IT assets and information. And at a number of sessions at the conference, Google detailed its approaches to both Android and Gmail security. In this slide show, eWEEK takes a look at some of the highlights of the 2017 RSA Conference.
Practical Attack Demonstrated Against Deprecated Cryptographic Hash
„We have broken SHA-1 in practice,“ wrote a group of researchers from the Centrum Wiskunde & Informatica research center in Amsterdam and Google on Feb. 23. A research paper from CWI´s Marc Stevens and Pierre Karpman and Google´s Ange Albertini, Elie Bursztein and Yarik Markov says the group´s so-called „SHAttered attack“ can be used to compromise anything that relies on SHA-1.
The new Google Cloud Platform service will allow enterprises to create, use and rotate encryption keys to protect their data, company says.
In response to an unprecedented level of espionage and cyber attacks aimed at compromising critical government IT infrastructure-from networks to applications-the federal government last year announced new standards. Regulations have been enacted in 2016 to apply these standards to federal contractors and their subcontractors.
GoDaddy: Due to a software bug, the recently issued certificate for your domain was issued without proper domain validation, and in accordance with industry standards as a Certificate Authority, we will need to revoke your certificate as a precautionary measure. The certificate will be revoked today (January 10) by 9pm Pacific Time. The software bug that created the issue has been remedied. We continue to closely monitor our system.
No really. Insurer´s details on 60k people lost forever.
A UK insurance business has been fined £150,000 for its lax security practices after a hard drive containing customers´ unencrypted information was stolen.
The hard drive disappeared from the offices of Royal & Sun Alliance insurance (ironically it prefers the abbreviation RSA) back in 2015.
Der Schreck der Antiviren-Hersteller hat wieder zugeschlagen: Google-Forscher Tavis Ormandy hat diesmal Schwächen im Umgang mit SSL-Zertifikaten bei Kaspersky aufgedeckt. Und das nicht zum ersten Mal.
The first 2017 Levchin Prize recipient was the creator of said encryption, Joan Daemen. Along with his collaborators, Vincent Rijmen and the Keccak team, they are responsible for the development of the AES block cipher and the SHA3 hash function. Daemen was immediately followed by Moxie Marlinspike and Trevor Perrin, who were awarded the 2017 Levchin Prize for their development of the Signal protocol used to encrypt messages in communication systems.
From abstract—The static power consumption of modern CMOS
devices has become a substantial concern in the context of the
side-channel security of cryptographic hardware. The continuous
growth of the leakage power dissipation in nanometer-scaled
CMOS technologies is not only inconvenient for effective low
power designs, but does also create a new target for power
analysis adversaries. In this paper, we present the first experimental
results of a static power side-channel analysis targeting an
ASIC implementation of a provably first-order secure hardware
Following the Council meeting on 8th and 9th December 2016 in Brussels, ENISA´s paper gives an overview into aspects around the current debate on encryption, while highlighting the Agency´s key messages and views on the topic.
Google has released a set of tests that developers can use to check some open source cryptographic libraries for known security vulnerabilities.
The company has named the set of tests Project Wycheproof.
While 2016 may not have been the banner year for cryptographic exploits that 2015 was, researchers around the world continued to advance the state of the art.
- TLS 1.3 design finalized
- The quest for post-quantum cryptography continues
- New thinking on how to backdoor cryptographic algorithms
- RFC 5114: Another backdoored crypto standard from NIST?
- Cryptographic deniability pops up in the US presidential election
- Attacks only get better
- Out with the old, in with the new: HTTPS still being slowly hardened
Útržkovité informace o dalších plánech AMD provázely dohady, zda se platformy budou jmenovat X390 nebo X399 a zda půjde o high-endový desktop nebo serverové řešení. Ve skutečnosti se chystá obojí…
Repository. https://github.com/astorfi/TensorFLow-Deep-Learning.git … Short URLs. tensorflow-deep-learning.readthedocs. [Link to Full Article]
24. duben roku 1984 v sanfranciském Moscone Centru patřil Applu a jeho akci Apple II Forever . Na keynote s tímto názvem si přichystal Steve Jobs a Steve Wozniak premiéru počítače Apple IIc, jenž jako první zamířil do kategorie velmi kompaktních strojů. Web SF Chronicle nyní přišel s několika ...
Klub Sisyfos je součástí světového skeptického hnutí, které vzniklo v USA v roce 1976 jako reakce na vzestup iracionality ve společnosti. Jeho původním programem byla vědecká analýza pseudovědeckých názorů a údajně nadpřirozených jevů. Zájem skeptiků se ale postupně rozšiřoval i na další oblasti, ...