nsa – Page 7 – SSL and internet security news

NIST Issues Call for “Lightweight Cryptography” Algorithms

May 2, 2018 infossl

algorithms, cryptography, nist, nsa, Security technology

This is interesting: Creating these defenses is the goal of NIST’s lightweight cryptography initiative, which aims to develop cryptographic algorithm standards that can work within the confines of a simple electronic device. Many of the sensors, actuators and other micromachines that will function as eyes, ears and hands in IoT networks will work on scant … Read More “NIST Issues Call for “Lightweight Cryptography” Algorithms” »

New NSA/Cyber Command Head Confirmed by Senate

April 26, 2018 infossl

cybersecurity, nationalsecuritypolicy, nsa, Security technology

It’s Lt. Gen. Paul Nakasone. I know nothing about him. Powered by WPeMatico

Two NSA Algorithms Rejected by the ISO

April 25, 2018 infossl

algorithms, backdoors, cryptanalysis, edwardsnowden, encryption, internetofthings, nsa, Security technology

The ISO has rejected two symmetric encryption algorithms: SIMON and SPECK. These algorithms were both designed by the NSA and made public in 2013. They are optimized for small and low-cost processors like IoT devices. The risk of using NSA-designed ciphers, of course, is that they include NSA-designed backdoors. Personally, I doubt that they’re backdoored. … Read More “Two NSA Algorithms Rejected by the ISO” »

After Section 702 Reauthorization

January 31, 2018 infossl

courts, edwardsnowden, essays, lawenforcement, loopholes, nationalsecuritypolicy, nsa, privacy, Security technology, surveillance

For over a decade, civil libertarians have been fighting government mass surveillance of innocent Americans over the Internet. We’ve just lost an important battle. On January 18, President Trump signed the renewal of Section 702, domestic mass surveillance became effectively a permanent part of US law. Section 702 was initially passed in 2008, as an … Read More “After Section 702 Reauthorization” »

NSA Morale

January 9, 2018 infossl

leaks, nationalsecuritypolicy, nsa, Security technology

The Washington Post is reporting that poor morale at the NSA is causing a significant talent shortage. A November New York Times article said much the same thing. The articles point to many factors: the recent reorganization, low pay, and the various leaks. I have been saying for a while that the Shadow Brokers leaks … Read More “NSA Morale” »

The “Extended Random” Feature in the BSAFE Crypto Library

December 28, 2017 infossl

backdoors, cryptanalysis, cryptography, nsa, randomnumbers, Security technology, tls

Matthew Green wrote a fascinating blog post about the NSA’s efforts to increase the amount of random data exposed in the TLS protocol, and how it interacts with the NSA’s backdoor into the DUAL_EC_PRNG random number generator to weaken TLS. Powered by WPeMatico

NSA “Red Disk” Data Leak

November 30, 2017 infossl

leaks, nsa, secrecy, Security technology

ZDNet is reporting about another data leak, this one from US Army’s Intelligence and Security Command (INSCOM), which is also within to the NSA. The disk image, when unpacked and loaded, is a snapshot of a hard drive dating back to May 2013 from a Linux-based server that forms part of a cloud-based intelligence sharing … Read More “NSA “Red Disk” Data Leak” »

New White House Announcement on the Vulnerability Equities Process

November 17, 2017 infossl

nationalsecuritypolicy, nsa, Security technology, vulnerabilities

The White House has released a new version of the Vulnerabilities Equities Process (VEP). This is the inter-agency process by which the US government decides whether to inform the software vendor of a vulnerability it finds, or keep it secret and use it to eavesdrop on or attack other systems. You can read the new … Read More “New White House Announcement on the Vulnerability Equities Process” »

Long Article on NSA and the Shadow Brokers

November 14, 2017 infossl

breaches, hacking, insiders, leaks, nsa, Security technology

The New York Times just published a long article on the Shadow Brokers and their effects on NSA operations. Summary: it’s been an operational disaster, the NSA still doesn’t know who did it or how, and NSA morale has suffered considerably. This is me on the Shadow Brokers from last May. Powered by WPeMatico

More on Kaspersky and the Stolen NSA Attack Tools

October 11, 2017 infossl

backdoors, israel, kaspersky, leaks, nsa, russia, Security technology

Both the New York Times and the Washington Post are reporting that Israel has penetrated Kaspersky’s network and detected the Russian operation. From the New York Times: Israeli intelligence officers informed the NSA that, in the course of their Kaspersky hack, they uncovered evidence that Russian government hackers were using Kaspersky’s access to aggressively scan … Read More “More on Kaspersky and the Stolen NSA Attack Tools” »