encryption – Page 12 – SSL and internet security news

Details on a New PGP Vulnerability

May 14, 2018 infossl

cryptography, eavesdropping, email, encryption, pgp, Security technology, signal, vulnerabilities, whatsapp

A new PGP vulnerability was announced today. Basically, the vulnerability makes use of the fact that modern e-mail programs allow for embedded HTML objects. Essentially, if an attacker can intercept and modify a message in transit, he can insert code that sends the plaintext in a URL to a remote website. Very clever. The EFAIL … Read More “Details on a New PGP Vulnerability” »

Critical PGP Vulnerability

May 14, 2018 infossl

cryptanalysis, cryptography, email, encryption, pgp, protocols, Security technology, vulnerabilities

EFF is reporting that a critical vulnerability has been discovered in PGP and S/MIME. No details have been published yet, but one of the researchers wrote: We’ll publish critical vulnerabilities in PGP/GPG and S/MIME email encryption on 2018-05-15 07:00 UTC. They might reveal the plaintext of encrypted emails, including encrypted emails sent in the past. … Read More “Critical PGP Vulnerability” »

Virginia Beach Police Want Encrypted Radios

May 9, 2018 infossl

backdoors, encryption, lawenforcement, police, Security technology

This article says that the Virginia Beach police are looking to buy encrypted radios. Virginia Beach police believe encryption will prevent criminals from listening to police communications. They said officer safety would increase and citizens would be better protected. Someone should ask them if they want those radios to have a backdoor. Powered by WPeMatico

Ray Ozzie’s Encryption Backdoor

May 7, 2018 infossl

backdoors, cryptography, cryptowars, encryption, keyescrow, lawenforcement, Security technology, securityengineering

Last month, Wired published a long article about Ray Ozzie and his supposed new scheme for adding a backdoor in encrypted devices. It’s a weird article. It paints Ozzie’s proposal as something that “attains the impossible” and “satisfies both law enforcement and privacy purists,” when (1) it’s barely a proposal, and (2) it’s essentially the … Read More “Ray Ozzie’s Encryption Backdoor” »

LC4: Another Pen-and-Paper Cipher

May 3, 2018 infossl

academicpapers, cryptanalysis, encryption, Security technology

Interesting symmetric cipher: LC4: Abstract: ElsieFour (LC4) is a low-tech cipher that can be computed by hand; but unlike many historical ciphers, LC4 is designed to be hard to break. LC4 is intended for encrypted communication between humans only, and therefore it encrypts and decrypts plaintexts and ciphertexts consisting only of the English letters A … Read More “LC4: Another Pen-and-Paper Cipher” »

IoT Inspector Tool from Princeton

May 1, 2018 infossl

authentication, encryption, internetofthings, Security technology

Researchers at Princeton University have released IoT Inspector, a tool that analyzes the security and privacy of IoT devices by examining the data they send across the Internet. They’ve already used the tool to study a bunch of different IoT devices. From their blog post: Finding #3: Many IoT Devices Contact a Large and Diverse … Read More “IoT Inspector Tool from Princeton” »

Two NSA Algorithms Rejected by the ISO

April 25, 2018 infossl

algorithms, backdoors, cryptanalysis, edwardsnowden, encryption, internetofthings, nsa, Security technology

The ISO has rejected two symmetric encryption algorithms: SIMON and SPECK. These algorithms were both designed by the NSA and made public in 2013. They are optimized for small and low-cost processors like IoT devices. The risk of using NSA-designed ciphers, of course, is that they include NSA-designed backdoors. Personally, I doubt that they’re backdoored. … Read More “Two NSA Algorithms Rejected by the ISO” »

Baseball Code

April 24, 2018 infossl

encryption, Security technology, sports

Info on the coded signals used by the Colorado Rockies. Powered by WPeMatico

Russia is Banning Telegram

April 23, 2018 infossl

backdoors, cellphones, encryption, jamming, russia, Security technology, securitypolicies

Russia has banned the secure messaging app Telegram. It’s making an absolute mess of the ban — blocking 16 million IP addresses, many belonging to the Amazon and Google clouds — and it’s not even clear that it’s working. But, more importantly, I’m not convinced Telegram is secure in the first place. Such a weird … Read More “Russia is Banning Telegram” »

Oblivious DNS

April 18, 2018 infossl

dna, eavesdropping, encryption, leaks, Security technology

Interesting idea: …we present Oblivious DNS (ODNS), which is a new design of the DNS ecosystem that allows current DNS servers to remain unchanged and increases privacy for data in motion and at rest. In the ODNS system, both the client is modified with a local resolver, and there is a new authoritative name server … Read More “Oblivious DNS” »