This theoretical paper shows how to factor 2048-bit RSA moduli with a 20-million qubit quantum computer in eight hours. It’s interesting work, but I don’t want overstate the risk. We know from Shor’s Algorithm that both factoring and discrete logs are easy to solve on a large, working quantum computer. Both of those are currently … Read More “Factoring 2048-bit Numbers Using 20 Million Qubits” »
Category: cryptography
Auto Added by WPeMatico
In 1999, I invented the Solitaire encryption algorithm, designed to manually encrypt data using a deck of cards. It was written into the plot of Neal Stephenson’s novel Cryptonomicon, and I even wrote an afterward to the book describing the cipher. I don’t talk about it much, mostly because I made a dumb mistake that … Read More “More Cryptanalysis of Solitaire” »
A decade ago, the Doghouse was a regular feature in both my email newsletter Crypto-Gram and my blog. In it, I would call out particularly egregious — and amusing — examples of cryptographic “snake oil.” I dropped it both because it stopped being fun and because almost everyone converged on standard cryptographic libraries, which meant … Read More “The Doghouse: Crown Sterling” »
I didn’t know that Supreme Court Justice John Paul Stevens “was also a cryptographer for the Navy during World War II.” He was a proponent of individual privacy. Powered by WPeMatico
At least one presidential candidate has a policy about quantum computing and encryption. It has two basic planks. One: fund quantum-resistant encryption standards. (Note: NIST is already doing this.) Two, fund quantum computing. (Unlike many far more pressing computer security problems, the market seems to be doing this on its own quite nicely.) Okay, so … Read More “Presidential Candidate Andrew Yang Has Quantum Encryption Policy” »
My Applied Cryptography is on a list of books banned in Oregon prisons. It’s not me — and it’s not cryptography — it’s that the prisons ban books that teach people to code. The subtitle is “Algorithms, Protocols, and Source Code in C” — and that’s the reason. My more recent Cryptography Engineering is a … Read More “Applied Cryptography is Banned in Oregon Prisons” »
Google has released an open-source cryptographic tool: Private Join and Compute. From a Wired article: Private Join and Compute uses a 1970s methodology known as “commutative encryption” to allow data in the data sets to be encrypted with multiple keys, without it mattering which order the keys are used in. This is helpful for multiparty … Read More “Google Releases Basic Homomorphic Encryption Tool” »
Wow, is this an embarrassing bug: Yubico is recalling a line of security keys used by the U.S. government due to a firmware flaw. The company issued a security advisory today that warned of an issue in YubiKey FIPS Series devices with firmware versions 4.4.2 and 4.4.4 that reduced the randomness of the cryptographic keys … Read More “Yubico Security Keys with a Crypto Flaw” »
MongoDB now has the ability to encrypt data by field: MongoDB calls the new feature Field Level Encryption. It works kind of like end-to-end encrypted messaging, which scrambles data as it moves across the internet, revealing it only to the sender and the recipient. In such a “client-side” encryption scheme, databases utilizing Field Level Encryption … Read More “MongoDB Offers Field Level Encryption” »
Matthew Green intelligently speculates about how Apple’s new “Find My” feature works. If you haven’t already been inspired by the description above, let me phrase the question you ought to be asking: how is this system going to avoid being a massive privacy nightmare? Let me count the concerns: If your device is constantly emitting … Read More “How Apple’s “Find My” Feature Works” »