Category: encryption

Auto Added by WPeMatico

SIKE Broken

Posted on By infossl
algorithms, cryptanalysis, cryptography, encryption, nist, quantum computing, Security technology, Uncategorized

SIKE is one of the new algorithms that NIST recently added to the post-quantum cryptography competition. It was just broken, really badly. We present an efficient key recovery attack on the Supersingular Isogeny Diffie­-Hellman protocol (SIDH), based on a “glue-and-split” theorem due to Kani. Our attack exploits the existence of a small non-scalar endomorphism on … Read More “SIKE Broken” »

Facebook Is Now Encrypting Links to Prevent URL Stripping

Posted on By infossl
browsers, encryption, facebook, Security technology, tracking, Uncategorized

Some sites, including Facebook, add parameters to the web address for tracking purposes. These parameters have no functionality that is relevant to the user, but sites rely on them to track users across pages and properties. Mozilla introduced support for URL stripping in Firefox 102, which it launched in June 2022. Firefox removes tracking parameters … Read More “Facebook Is Now Encrypting Links to Prevent URL Stripping” »

NIST Announces First Four Quantum-Resistant Cryptographic Algorithms

Posted on By infossl
cryptography, encryption, nist, quantum computing, Security technology, Uncategorized

NIST’s post-quantum computing cryptography standard process is entering its final phases. It announced the first four algorithms: For general encryption, used when we access secure websites, NIST has selected the CRYSTALS-Kyber algorithm. Among its advantages are comparatively small encryption keys that two parties can exchange easily, as well as its speed of operation. For digital … Read More “NIST Announces First Four Quantum-Resistant Cryptographic Algorithms” »

Forging Australian Driver’s Licenses

Posted on By infossl
authorization, cars, encryption, forgery, Security technology, Uncategorized

The New South Wales digital driver’s license has multiple implementation flaws that allow for easy forgeries. This file is encrypted using AES-256-CBC encryption combined with Base64 encoding. A 4-digit application PIN (which gets set during the initial onboarding when a user first instals the application) is the encryption password used to protect or encrypt the … Read More “Forging Australian Driver’s Licenses” »

The NSA Says that There are No Known Flaws in NIST’s Quantum-Resistant Algorithms

Posted on By infossl
encryption, nist, nsa, quantum computing, Security technology, Uncategorized

Rob Joyce, the director of cybersecurity at the NSA, said so in an interview: The NSA already has classified quantum-resistant algorithms of its own that it developed over many years, said Joyce. But it didn’t enter any of its own in the contest. The agency’s mathematicians, however, worked with NIST to support the process, trying … Read More “The NSA Says that There are No Known Flaws in NIST’s Quantum-Resistant Algorithms” »

Decrypting Hive Ransomware Data

Posted on By infossl
academic papers, cryptanalysis, encryption, ransomware, Security technology, Uncategorized

Nice piece of research: Abstract: Among the many types of malicious codes, ransomware poses a major threat. Ransomware encrypts data and demands a ransom in exchange for decryption. As data recovery is impossible if the encryption key is not obtained, some companies suffer from considerable damage, such as the payment of huge amounts of money … Read More “Decrypting Hive Ransomware Data” »

New DeadBolt Ransomware Targets NAT Devices

Posted on By infossl
cyberattack, encryption, ransomware, Security technology, Uncategorized, zero-day

There’s a new ransomware that targets NAT devices made by QNAP: The attacks started today, January 25th, with QNAP devices suddenly finding their files encrypted and file names appended with a .deadbolt file extension. Instead of creating ransom notes in each folder on the device, the QNAP device’s login page is hijacked to display a … Read More “New DeadBolt Ransomware Targets NAT Devices” »

UK Government to Launch PR Campaign Undermining End-to-End Encryption

Posted on By infossl
child pornography, children, crypto wars, cybersecurity, encryption, marketing, privacy, propaganda, Security technology, Uncategorized

Rolling Stone is reporting that the UK government has hired the M&C Saatchi advertising agency to launch an anti-encryption advertising campaign. Presumably they’ll lean heavily on the “think of the children!” rhetoric we’re seeing in this current wave of the crypto wars. The technical eavesdropping mechanisms have shifted to client-side scanning, which won’t actually help … Read More “UK Government to Launch PR Campaign Undermining End-to-End Encryption” »

New German Government is Pro-Encryption and Anti-Backdoors

Posted on By infossl
backdoors, encryption, germany, national security policy, privacy, Security technology, Uncategorized

I hope this is true: According to Jens Zimmermann, the German coalition negotiations had made it “quite clear” that the incoming government of the Social Democrats (SPD), the Greens and the business-friendly liberal FDP would reject “the weakening of encryption, which is being attempted under the guise of the fight against child abuse” by the … Read More “New German Government is Pro-Encryption and Anti-Backdoors” »