Security News

Both bills have provisions that could be used to break end-to-end encryption. 3(c)(7)(A)(iii) would allow a company to deny access to apps installed by users, where those app makers "Have been identified as national security, intelligence, or law enforcement risks." That language is far too broad. It would allow Apple to deny access to an encryption service provider that provides encrypted cloud backups to the cloud.

President Joe Biden signed a national security memorandum on Thursday asking government agencies to implement measures that would mitigate risks posed by quantum computers to US national cyber security. The multi-year effort to migrate all vulnerable cryptographic systems to quantum-resistant cryptography will span over 50 government departments and agencies that use National Security Systems.

The vulnerability, which Oracle patched on Tuesday, affects the company's implementation of the Elliptic Curve Digital Signature Algorithm in Java versions 15 and above. ECDSA is an algorithm that uses the principles of elliptic curve cryptography to authenticate messages digitally.

Amid the COVID-19 crisis, the global market for quantum cryptography estimated at $93.1 million in the year 2020, is projected to reach a revised size of $291.9 million by 2026, growing at a CAGR of 20.8% over the analysis period, according to ResearchAndMarkets. The U.S. quantum cryptography market is estimated at $40.6M in 2021.

Quantum computing is poised to transform the industry over the next decade. As this technology advances over the next decade, quantum computing is expected to expose vulnerabilities in public-key cryptography encryption algorithms within seconds.

NSS can be used to develop security-enabled client and server apps with support for SSL v3, TLS, PKCS #5, PKCS #7, PKCS #11, PKCS #12, S/MIME, X.509 v3 certificates, and various other security standards. "Applications using NSS for handling signatures encoded within CMS, S/MIME, PKCS #7, or PKCS #12 are likely to be impacted," Mozilla said in a security advisory issued today.

I have long been annoyed that the word “crypto” has been co-opted by the blockchain people, and no longer refers to “cryptography.” I’m not the only one.

While there are many different encryption techniques, none are completely secure, and the search continues for new technologies that can counter the rising threats to data privacy and security. In a recent study published in KeAi's International Journal of Intelligent Networks, a team of researchers from India and Yemen describe a novel, two-step cryptography technique - the first to combine genetic technology with mathematical technique.

Qrypt announced the launch of its Cloud Entropy Portal. The Cloud Entropy Portal democratizes the availability of quantum safe random numbers for any application, especially cryptographic key generation.

Encryption and verification package Pretty Good Privacy has celebrated a troubled 30 years of securing secrets and giving cypherpunks an excuse to meet in person, with original developer and security specialist Phil Zimmermann toasting a world where encryption is common but, he warns, still under threat. Following the end of the criminal investigation into Zimmermann, the PGP team set up PGP Inc. which was quickly gobbled up by security specialist Network Associates Inc. in 1997.