encryption – Page 9 – SSL and internet security news

Germany Talking about Banning End-to-End Encryption

May 24, 2019 infossl

cryptography, cryptowars, encryption, germany, Security technology

Der Spiegel is reporting that the German Ministry for Internal Affairs is planning to require all Internet message services to provide plaintext messages on demand, basically outlawing strong end-to-end encryption. Anyone not complying will be blocked, although the article doesn’t say how. (Cory Doctorow has previously explained why this would be impossible.) The article is … Read More “Germany Talking about Banning End-to-End Encryption” »

German SG-41 Encryption Machine Up for Auction

May 23, 2019 infossl

cryptography, encryption, germany, historyofcryptography, Security technology

A German auction house is selling an SG-41. It looks beautiful. Starting price is 75,000 euros. My guess is that it will sell for around 100K euros. Powered by WPeMatico

Cryptanalyzing a Pair of Russian Encryption Algorithms

May 10, 2019 infossl

academicpapers, algorithms, backdoors, cryptanalysis, cryptography, encryption, hashes, russia, Security technology

A pair of Russia-designed cryptographic algorithms — the Kuznyechik block cipher and the Streebog hash function — have the same flawed S-box that is almost certainly an intentional backdoor. It’s just not the kind of mistake you make by accident, not in 2014. Powered by WPeMatico

Protecting Yourself from Identity Theft

May 6, 2019 infossl

cybercrime, encryption, essays, identitytheft, passwords, Security technology

I don’t have a lot of good news for you. The truth is there’s nothing we can do to protect our data from being stolen by cybercriminals and others. Ten years ago, I could have given you all sorts of advice about using encryption, not sending information over email, securing your web connections, and a … Read More “Protecting Yourself from Identity Theft” »

Stealing Ethereum by Guessing Weak Private Keys

April 29, 2019 infossl

academicpapers, blockchain, cryptocurrency, cryptography, encryption, hacking, keys, Security technology

Someone is stealing millions of dollars worth of Ethereum by guessing users’ private keys. Normally this should be impossible, but lots of keys seem to be very weak. Researchers are unsure how those weak keys are being generated and used. Their paper is here. Powered by WPeMatico

G7 Comes Out in Favor of Encryption Backdoors

April 23, 2019 infossl

backdoors, encryption, g7, hacking, keyescrow, keys, lawenforcement, Security technology, terrorism

From a G7 meeting of interior ministers in Paris this month, an “outcome document“: Encourage Internet companies to establish lawful access solutions for their products and services, including data that is encrypted, for law enforcement and competent authorities to access digital evidence, when it is removed or hosted on IT servers located abroad or encrypted, … Read More “G7 Comes Out in Favor of Encryption Backdoors” »

Unhackable Cryptography?

April 5, 2019 infossl

cryptography, encryption, hacking, Security technology, snakeoil

A recent article overhyped the release of EverCrypt, a cryptography library created using formal methods to prove security against specific attacks. The Quantum magazine article sets off a series of “snake-oil” alarm bells. The author’s Github README is more measured and accurate, and illustrates what a cool project this really is. But it’s not “hacker-proof … Read More “Unhackable Cryptography?” »

Enigma, Typex, and Bombe Simulators

March 22, 2019 infossl

cryptanalysis, cryptography, encryption, gchq, historyofcryptography, Security technology

GCHQ has put simulators for the Enigma, Typex, and Bombe on the Internet. News article. Powered by WPeMatico

CAs Reissue Over One Million Weak Certificates

March 18, 2019 infossl

authentication, certificates, encryption, randomnumbers, Security technology

Turns out that the software a bunch of CAs used to generate public-key certificates was flawed: they created random serial numbers with only 63 bits instead of the required 64. That may not seem like a big deal to the layman, but that one bit change means that the serial numbers only have half the … Read More “CAs Reissue Over One Million Weak Certificates” »

I Was Cited in a Court Decision

March 15, 2019 infossl

academicpapers, courts, encryption, passwords, schneiernews, Security technology

An article I co-wrote — my first law journal article — was cited by the Massachusetts Supreme Judicial Court — the state supreme court — in a case on compelled decryption. Here’s the first, in footnote 1: We understand the word “password” to be synonymous with other terms that cell phone users may be familiar … Read More “I Was Cited in a Court Decision” »