Security News

Ten years ago, even the biggest and most popular online services in the world, such as Facebook, Gmail and Hotmail didn't use TLS all the time - it was thought to be too complicated, too slow, and not always necessary. These days we expect our web browsing to be protected by TLS all the time.

PQShield announces that it is further strengthening its cryptographic hardware team with the appointment of Ben Marshall, the editor and main author of the RISC-V "K" Cryptography Extension, as a Cryptography Engineer. Ben will continue to contribute to RISC-V International's cryptography standardisation efforts while also working on PQShield's post-quantum hardware architecture.

The US Cyber Command has released a series of ten Valentine’s Day “Cryptography Challenge Puzzles.” Slashdot thread. Reddit thread. (And here’s the archived link, in case Cyber Command takes the...

Abu Dhabi and the UAE are working to pioneer breakthroughs in post-quantum cryptography and neuromorphic computing through an international partnership between Technology Innovation Institute's Cryptography Research Centre and Yale University, an Ivy League research university in Connecticut, United States. Speaking on the partnership, Dr Najwa Aaraj, Chief Researcher at Cryptography Research Centre, said: "We are excited to work with peers from Yale University in carrying out groundbreaking research in these two vital fields. At the Cryptography Research Centre, we are creating a knowledge-driven ecosystem powered by like-minded scientists and researchers - all focused on designing breakthrough solutions in different areas of cryptography."

A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. The.NET version of Bouncy Castle alone has been downloaded over 16,000,000 times, speaking to the seriousness of vulnerabilities in Bouncy Castle, a library relied on by developers of mission-critical applications.

Pioneered by IBM Research scientists, the company is now offering quantum-safe cryptography support for key management and application transactions in IBM Cloud, making it the industry's most holistic quantum-safe cryptography approach to securing data available today. "As our reliance on data grows in the era of hybrid cloud and quantum computing capabilities advance, the need for data privacy is becoming even more critical. IBM now offers the most holistic quantum-safe approach to securing data available today and to help enterprises protect existing data and help protect against future threats," said Hillery Hunter, Vice President and Chief Technology Officer, IBM Cloud.

This week: the DOJ's attempt to reignite the Battle to Break Encryption; the story of the Russian hackers behind the Sandworm Team; a zero-day bug just patched in Chrome; and why your vocabulary needs the word "Restore" even more than it needs "Backup". WHERE TO FIND THE PODCAST ONLINE. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher, Overcast and anywhere that good podcasts are found.

Back in July, NIST selected third-round algorithms for its post-quantum cryptography standard. Recently, Daniel Apon of NIST gave a talk detailing the selection criteria.

This "Selection round" will help the agency decide on the small subset of these algorithms that will form the core of the first post-quantum cryptography standard. "At the end of this round, we will choose some algorithms and standardize them," said NIST mathematician Dustin Moody.

NIST has now begun the third round of public review. This "Selection round" will help the agency decide on the small subset of these algorithms that will form the core of the first post-quantum cryptography standard.