Security News
Google has announced that it will be switching from KYBER to ML-KEM in its Chrome web browser as part of its ongoing efforts to defend against the risk posed by cryptographically relevant quantum...
Microsoft is updating SymCrypt, its core cryptographic library, with new quantum-secure algorithms. Microsoft’s details are here. From a news article: The first new algorithm Microsoft added to...
In this Help Net Security interview, Jean-Philippe Aumasson, discusses the writing and research process for Serious Cryptography, his latest book. With a career steeped in research and practical...
Cryptography engineers often collaborate with cybersecurity teams to integrate robust cryptographic solutions into software, hardware and network infrastructure, addressing potential vulnerabilities and mitigating risks associated with data breaches or cyberattacks. This hiring kit, written by Franklin Okeke for TechRepublic Premium, provides a practical framework you can use to hire the ideal cryptography engineer for your organization.
Some Google Chrome users report having issues connecting to websites, servers, and firewalls after Chrome 124 was released last week with the new quantum-resistant X25519Kyber768 encapsulation mechanism enabled by default. Google started testing the post-quantum secure TLS key encapsulation mechanism in August and has now enabled it in the latest Chrome version for all users.
Most people are barely thinking about basic cybersecurity, let alone post-quantum cryptography. But the impact of a post-quantum world is coming for them regardless of whether or not it's keeping...
I just read an article complaining that NIST is taking too long in finalizing its post-quantum-computing cryptography standards. "This process has been going on since 2016, and since that time there has been a huge increase in quantum technology and an equally large increase in quantum understanding and interest. Yet seven years later, we have only four algorithms, although last week NIST announced that a number of other candidates are under consideration, a process that is expected to take"several years.
One of these standards is a generative AI content certification known as C2PA. C2PA has been around for two years, but it's gained attention recently as generative AI becomes more common. The C2PA specification is an open source internet protocol that outlines how to add provenance statements, also known as assertions, to a piece of content.
"NIST has release a draft of Special Publication1800-38A: Migration to Post-Quantum Cryptography: Preparation for Considering the Implementation and Adoption of Quantum Safe Cryptography." It's only four pages long, and it doesn't have a lot of detail-more "Volumes" are coming, with more information-but it's well worth reading. We are going to need to migrate to quantum-resistant public-key algorithms, and the sooner we implement key agility the easier it will be to do so.
Quantum computing has surged in popularity recently, with its revolutionary computational capabilities transforming the technology sector. In this Help Net Security video, Vanesa Diaz, CEO at LuxQuanta, talks about how precautions must be taken ahead of this new quantum age, where cybersecurity solutions require significant attention and developments to ensure the protection and security of data.