Tag Archives: cryptography

White House drastically shortens deadline for dropping quantum-vulnerable crypto

The White House is drastically shortening the deadline for government agencies and organizations to adopt new quantum-resistant encryption systems that will withstand attacks that use quantum computers, as the federal government seeks to protect decades’ worth of secrets belonging to militaries, banks, governments, and most individuals on Earth. The executive order, titled Securing the Nation… Read More: White House drastically shortens deadline for dropping quantum-vulnerable crypto »

Texas AG sues Meta over claims that WhatsApp doesn’t provide end-to-end encryption

The Texas Attorney General has sued Meta over allegations that the company’s WhatsApp messenger, used by more than 3 billion people, doesn’t provide the end-to-end encryption (E2EE) it has long claimed. Since at least 2016, Meta (then named Facebook) has said WhatsApp provides robust end-to-end encryption, meaning that messages are encrypted on a sender’s device… Read More: Texas AG sues Meta over claims that WhatsApp doesn’t provide… »

In a first, a ransomware family is confirmed to be quantum-safe

There is no practical benefit for Kyber developers to have chosen a PQC key-exchange algorithm. The Kyber ransom note gives victims one week to respond. Quantum computers capable of running Shor’s algorithm—the series of mathematical equations that allow the breakage of RSA and ECC (elliptic curve cryptography)—are, at a minimum, three years away and likely… Read More: In a first, a ransomware family is confirmed to be… »

Recent advances push Big Tech closer to the Q-Day danger zone

Interestingly, Amazon is using SigV4, an impromptu algorithm it developed in-house to make authentication quantum-safe. “AWS limits the transmission of these secrets to the moment of generation,” Campagna wrote. “Once initially distributed, it is never re-sent to the customer. While we made this decision to operate at the massive scale of AWS, we avoided the… Read More: Recent advances push Big Tech closer to the Q-Day danger… »

Meta pays the price for storing hundreds of millions of passwords in plaintext

Getty Images reader comments 90 Officials in Ireland have fined Meta $101 million for storing hundreds of millions of user passwords in plaintext and making them broadly available to company employees. Meta disclosed the lapse in early 2019. The company said that apps for connecting to various Meta-owned social networks had logged user passwords in… Read More: Meta pays the price for storing hundreds of millions of… »

As quantum computing threats loom, Microsoft updates its core crypto library

Getty Images reader comments 11 Microsoft has updated a key cryptographic library with two new encryption algorithms designed to withstand attacks from quantum computers. The updates were made last week to SymCrypt, a core cryptographic code library for handing cryptographic functions in Windows and Linux. The library, started in 2006, provides operations and algorithms developers… Read More: As quantum computing threats loom, Microsoft updates its core crypto… »

YubiKeys are vulnerable to cloning attacks thanks to newly discovered side channel

reader comments 118 The YubiKey 5, the most widely used hardware token for two-factor authentication based on the FIDO standard, contains a cryptographic flaw that makes the finger-size device vulnerable to cloning when an attacker gains temporary physical access to it, researchers said Tuesday. The cryptographic flaw, known as a side channel, resides in a… Read More: YubiKeys are vulnerable to cloning attacks thanks to newly discovered… »

Secure Boot is completely broken on 200+ models from 5 big device makers

sasha85ru | Getty Imates reader comments 114 In 2012, an industry-wide coalition of hardware and software makers adopted Secure Boot to protect against a long-looming security threat. The threat was the specter of malware that could infect the BIOS, the firmware that loaded the operating system each time a computer booted up. From there, it… Read More: Secure Boot is completely broken on 200+ models from 5… »

Zodiac Killer cipher is cracked after eluding sleuths for 51 years

Enlarge / Composite drawings of the Zodiac Killer. Getty Images reader comments 24 with 20 posters participating Share this story A coded message sent by a brutal serial killer who has never been caught has been cracked more than 51 years after it was sent. The male suspect, known as the Zodiac Killer, killed at… Read More: Zodiac Killer cipher is cracked after eluding sleuths for 51… »