Security News

A severe authentication bypass vulnerability has been reported in Bouncy Castle, a popular open-source cryptography library. The.NET version of Bouncy Castle alone has been downloaded over 16,000,000 times, speaking to the seriousness of vulnerabilities in Bouncy Castle, a library relied on by developers of mission-critical applications.

Pioneered by IBM Research scientists, the company is now offering quantum-safe cryptography support for key management and application transactions in IBM Cloud, making it the industry's most holistic quantum-safe cryptography approach to securing data available today. "As our reliance on data grows in the era of hybrid cloud and quantum computing capabilities advance, the need for data privacy is becoming even more critical. IBM now offers the most holistic quantum-safe approach to securing data available today and to help enterprises protect existing data and help protect against future threats," said Hillery Hunter, Vice President and Chief Technology Officer, IBM Cloud.

This week: the DOJ's attempt to reignite the Battle to Break Encryption; the story of the Russian hackers behind the Sandworm Team; a zero-day bug just patched in Chrome; and why your vocabulary needs the word "Restore" even more than it needs "Backup". WHERE TO FIND THE PODCAST ONLINE. You can listen to us on Soundcloud, Apple Podcasts, Google Podcasts, Spotify, Stitcher, Overcast and anywhere that good podcasts are found.

Back in July, NIST selected third-round algorithms for its post-quantum cryptography standard. Recently, Daniel Apon of NIST gave a talk detailing the selection criteria.

This "Selection round" will help the agency decide on the small subset of these algorithms that will form the core of the first post-quantum cryptography standard. "At the end of this round, we will choose some algorithms and standardize them," said NIST mathematician Dustin Moody.

NIST has now begun the third round of public review. This "Selection round" will help the agency decide on the small subset of these algorithms that will form the core of the first post-quantum cryptography standard.

Futurex's VirtuCrypt financial cloud HSM service supports financial services organizations' critical payment systems cryptography and key management needs in the cloud. VirtuCrypt cloud HSMs are the industry's first financial cloud cryptographic solution with native Amazon Web Services support.

Intertrust announced the launch of whiteCryption Secure Key Box for Web at the RSA Conference 2020. The first and only enterprise-ready white-box cryptography solution for web applications, it ensures that web apps can be used without fear of exposing the underlying keys and credentials to cyberattack.

Researchers are attempting to develop new forms of cryptography that could not be cracked by powerful quantum computing devices that are in the works. That requires devising public key cryptosystems based on computational problems that are difficult to break even using quantum algorithms, says Divesh Aggarwal, principal investigator at Singapore's Center for Quantum Technologies.

The secure messaging service is looking to address usability issues.