Security News

From siloed to unified key management: Legacy key protection and management was comprised of different solutions for different environments and business problems. From disparate to integrated key management and key protection: Legacy key protection provides only basic management and dedicated key management solutions are often not integrated with key protection.

The Republic of Korea took two bold steps into the future on Tuesday, by announcing that the last of its 2G networks will go offline in June and that it will initiate large-scale adoption of communications protected by quantum encryption. The quantum tests will build on demos conducted in 2020, but this time South Korea's government hopes to involve multiple industries and to educate them on the benefits of the tech and how to adopt it.

From the dates and the title, the George Davida patent application which NSA unsuccesfully tried to block would have been US4202051A, for a key stream generator based on a LFSR combined with a non-linear feedback circuit. "In April 1978 a patent application made by Carl Nicolai for a speech scrambling device was evaluated by the NSA using Inman's new criteria. Once again, there was disagreement between NSA directorates. Neither Research and Engineering nor COMSEC believed that Nicolai's invention should be classified. Howard Rosenblum, DDC, noted that Nicolai employed"a sophisticated use of well-known, open-source techniques" of spread spectrum technology and that "so many unclassified spread spectrum systems are already in the public domain that it is too late to try to close the door by imposing secrecy orders based solely on the fact that the system uses spread spectrum techniques.

Ten years ago, even the biggest and most popular online services in the world, such as Facebook, Gmail and Hotmail didn't use TLS all the time - it was thought to be too complicated, too slow, and not always necessary. These days we expect our web browsing to be protected by TLS all the time.

PQShield announces that it is further strengthening its cryptographic hardware team with the appointment of Ben Marshall, the editor and main author of the RISC-V "K" Cryptography Extension, as a Cryptography Engineer. Ben will continue to contribute to RISC-V International's cryptography standardisation efforts while also working on PQShield's post-quantum hardware architecture.

The US Cyber Command has released a series of ten Valentine’s Day “Cryptography Challenge Puzzles.” Slashdot thread. Reddit thread. (And here’s the archived link, in case Cyber Command takes the...

Abu Dhabi and the UAE are working to pioneer breakthroughs in post-quantum cryptography and neuromorphic computing through an international partnership between Technology Innovation Institute's Cryptography Research Centre and Yale University, an Ivy League research university in Connecticut, United States. Speaking on the partnership, Dr Najwa Aaraj, Chief Researcher at Cryptography Research Centre, said: "We are excited to work with peers from Yale University in carrying out groundbreaking research in these two vital fields. At the Cryptography Research Centre, we are creating a knowledge-driven ecosystem powered by like-minded scientists and researchers - all focused on designing breakthrough solutions in different areas of cryptography."

A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. The.NET version of Bouncy Castle alone has been downloaded over 16,000,000 times, speaking to the seriousness of vulnerabilities in Bouncy Castle, a library relied on by developers of mission-critical applications.

Pioneered by IBM Research scientists, the company is now offering quantum-safe cryptography support for key management and application transactions in IBM Cloud, making it the industry's most holistic quantum-safe cryptography approach to securing data available today. "As our reliance on data grows in the era of hybrid cloud and quantum computing capabilities advance, the need for data privacy is becoming even more critical. IBM now offers the most holistic quantum-safe approach to securing data available today and to help enterprises protect existing data and help protect against future threats," said Hillery Hunter, Vice President and Chief Technology Officer, IBM Cloud.

This week: the DOJ's attempt to reignite the Battle to Break Encryption; the story of the Russian hackers behind the Sandworm Team; a zero-day bug just patched in Chrome; and why your vocabulary needs the word "Restore" even more than it needs "Backup". WHERE TO FIND THE PODCAST ONLINE. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher, Overcast and anywhere that good podcasts are found.