Category: cryptography

Auto Added by WPeMatico

Evidence for the Security of PKCS #1 Digital Signatures

Posted on By infossl
academicpapers, algorithms, cryptanalysis, cryptography, rsa, Security technology, signatures

This is interesting research: “On the Security of the PKCS#1 v1.5 Signature Scheme“: Abstract: The RSA PKCS#1 v1.5 signature algorithm is the most widely used digital signature scheme in practice. Its two main strengths are its extreme simplicity, which makes it very easy to implement, and that verification of signatures is significantly faster than for … Read More “Evidence for the Security of PKCS #1 Digital Signatures” »

New Findings About Prime Number Distribution Almost Certainly Irrelevant to Cryptography

Posted on By infossl
academicpapers, cryptanalysis, cryptography, rsa, Security technology

Lots of people are e-mailing me about this new result on the distribution of prime numbers. While interesting, it has nothing to do with cryptography. Cryptographers aren’t interested in how to find prime numbers, or even in the distribution of prime numbers. Public-key cryptography algorithms like RSA get their security from the difficulty of factoring … Read More “New Findings About Prime Number Distribution Almost Certainly Irrelevant to Cryptography” »

AES Resulted in a $250-Billion Economic Benefit

Posted on By infossl
aes, cryptography, nist, Security technology

NIST has released a new study concluding that the AES encryption standard has resulted in a $250-billion worldwide economic benefit over the past 20 years. I have no idea how to even begin to assess the quality of the study and its conclusions — it’s all in the 150-page report, though — but I do … Read More “AES Resulted in a $250-Billion Economic Benefit” »

Quantum Computing and Cryptography

Posted on By infossl
cryptography, encryption, essays, quantumcomputing, rsa, Security technology

Quantum computing is a new way of computing — one that could allow humankind to perform computations that are simply impossible using today’s computing technologies. It allows for very fast searching, something that would break some of the encryption algorithms we use today. And it allows us to easily factor large numbers, something that would … Read More “Quantum Computing and Cryptography” »

GCHQ on Quantum Key Distribution

Posted on By infossl
authentication, cryptography, economicsofsecurity, encryption, gchq, keys, quantumcomputing, quantumcryptography, Security technology

The UK’s GCHQ delivers a brutally blunt assessment of quantum key distribution: QKD protocols address only the problem of agreeing keys for encrypting data. Ubiquitous on-demand modern services (such as verifying identities and data integrity, establishing network sessions, providing access control, and automatic software updates) rely more on authentication and integrity mechanisms — such as … Read More “GCHQ on Quantum Key Distribution” »

Major Bluetooth Vulnerability

Posted on By infossl
academicpapers, bluetooth, cryptography, encryption, keys, Security technology, vulnerabilities, wifi, wireless

Bluetooth has a serious security vulnerability: In some implementations, the elliptic curve parameters are not all validated by the cryptographic algorithm implementation, which may allow a remote attacker within wireless range to inject an invalid public key to determine the session key with high probability. Such an attacker can then passively intercept and decrypt all … Read More “Major Bluetooth Vulnerability” »

Defeating the iPhone Restricted Mode

Posted on By infossl
apple, cellphones, cryptanalysis, cryptography, iphone, Security technology

Recently, Apple introduced restricted mode to protect iPhones from attacks by companies like Cellebrite and Greyshift, which allow attackers to recover information from a phone without the password or fingerprint. Elcomsoft just announced that it can easily bypass it. There is an important lesson in this: security is hard. Apple Computer has one of the … Read More “Defeating the iPhone Restricted Mode” »

Details on a New PGP Vulnerability

Posted on By infossl
cryptography, eavesdropping, email, encryption, pgp, Security technology, signal, vulnerabilities, whatsapp

A new PGP vulnerability was announced today. Basically, the vulnerability makes use of the fact that modern e-mail programs allow for embedded HTML objects. Essentially, if an attacker can intercept and modify a message in transit, he can insert code that sends the plaintext in a URL to a remote website. Very clever. The EFAIL … Read More “Details on a New PGP Vulnerability” »

Critical PGP Vulnerability

Posted on By infossl
cryptanalysis, cryptography, email, encryption, pgp, protocols, Security technology, vulnerabilities

EFF is reporting that a critical vulnerability has been discovered in PGP and S/MIME. No details have been published yet, but one of the researchers wrote: We’ll publish critical vulnerabilities in PGP/GPG and S/MIME email encryption on 2018-05-15 07:00 UTC. They might reveal the plaintext of encrypted emails, including encrypted emails sent in the past. … Read More “Critical PGP Vulnerability” »