Informations about SSL certificates and networks security
Auto Added by WPeMatico
The ISO has decided not to approve two NSA-designed block encryption algorithms: Speck and Simon. It’s because the NSA is not trusted to put security ahead of surveillance: A number of them voiced their distrust in emails to one another, seen by Reuters, and in written comments that are part of the process. The suspicions … Read More “ISO Rejects NSA Encryption Algorithms” »
New research: “Verified Correctness and Security of mbedTLS HMAC-DRBG,” by Katherine Q. Ye, Matthew Green, Naphat Sanguansin, Lennart Beringer, Adam Petcher, and Andrew W. Appel. Abstract: We have formalized the functional specification of HMAC-DRBG (NIST 800-90A), and we have proved its cryptographic security — that its output is pseudorandom — using a hybrid game-based proof. … Read More “Proof that HMAC-DRBG has No Back Doors” »
Ross Anderson gave a talk on the history of the Crypto Wars in the UK. I am intimately familiar with the US story, but didn’t know as much about Britain’s verson. Hour-long video. Summary. Powered by WPeMatico
The press is reporting a $32M theft of the cryptocurrency Ethereum. Like all such thefts, they’re not a result of a cryptographic failure in the currencies, but instead a software vulnerability in the software surrounding the currency — in this case, digital wallets. This is the second Ethereum hack this week. The first tricked people … Read More “Ethereum Hacks” »
The Intelligence Advanced Research Projects Activity (IARPA) is soliciting proposals for research projects in secure multiparty computation: Specifically of interest is computing on data belonging to different — potentially mutually distrusting — parties, which are unwilling or unable (e.g., due to laws and regulations) to share this data with each other or with the underlying … Read More “DNI Wants Research into Secure Multiparty Computation” »
The Intercept published a story about a dedicated NSA brute-force keysearch machine being built with the help of New York University and IBM. It’s based on a document that was accidentally shared on the Internet by NYU. The article is frustratingly short on details: The WindsorGreen documents are mostly inscrutable to anyone without a Ph.D. … Read More “NSA Brute-Force Keysearch Machine” »
Interesting law journal article: “Encryption and the Press Clause,” by D. Victoria Barantetsky. Abstract: Almost twenty years ago, a hostile debate over whether government could regulate encryption — later named the Crypto Wars — seized the country. At the center of this debate stirred one simple question: is encryption protected speech? This issue touched all … Read More “Encryption Policy and Freedom of the Press” »
Kalyna is a block cipher that became a Ukrainian national standard in 2015. It supports block and key sizes of 128, 256, and 512 bits. Its structure looks like AES but optimized for 64-bit CPUs, and it has a complicated key schedule. Rounds range from 10-18, depending on block and key sizes. There is some … Read More “Kalyna Block Cipher” »
This is William Friedman’s highly annotated copy of Herbert Yardley’s book, The American Black Chamber. Powered by WPeMatico
Researchers have demonstrated using Intel’s Software Guard Extensions to hide malware and steal cryptographic keys from inside SGX’s protected enclave: Malware Guard Extension: Using SGX to Conceal Cache Attacks Abstract:In modern computer systems, user processes are isolated from each other by the operating system and the hardware. Additionally, in a cloud scenario it is crucial … Read More “Using Intel's SGX to Attack Itself” »