Cryptography - Page 15 - Results from #280

Discover Cryptography News

Researchers develop quantum encryption method to foil hackers

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Researchers from the University of Toronto and the University of Vigo believe quantum cryptography is the solution to the hacker problem. They are turning their proof-of-concept into a prototype.

LinuxSecurity.com Team
Apr 05, 2012

SSH Tunneling - Poor Techie's VPN

"If we see light at the end of the tunnel, it is the light of the oncoming train" ~ Robert Lowell. Oh yes, another good quote. This post is on SSH tunneling, or as I like to call it 'Poor Man's VPN'. Contrary to the sysadmin's popular belief, SSH tunneling actually can be very valuable use for both techies and home users.

LinuxSecurity.com Team
Apr 02, 2012

TSA asks congressional panel to uninvite critic Bruce Schneier

Bruce Schneier, a vocal critic of security measures used by the Transportation Security Administration, was asked to testify before Congress about TSA's security screening initiatives but then was "formally uninvited" after the agency complained.

LinuxSecurity.com Team
Mar 26, 2012

Who holds the encryption keys?

Encryption can make up for a litany of security snafus -- from a bad firewall to an unrelenting hacker to a lost laptop. Once data is encrypted, criminals can't use or sell it. Plus, if encrypted data goes missing, companies are protected from disclosure requirements in most states.

LinuxSecurity.com Team
Mar 26, 2012

Stolen encryption key the source of compromised certificate problem

When Kaspersky Lab last week spotted code-signed Trojan malware dubbed Mediyes that had been signed with a digital certificate owned by Swiss firm Conpavi AG and issued by Symantec, it touched off a hunt to determine the source of the problem.

LinuxSecurity.com Team
Mar 19, 2012

Mobile's Cryptography Conundrums

Immaturity in mobile device hardware and operating system environments is holding back organizations' deployments of strong cryptographic protections around mobile applications, according to a pair of unrelated presentations at the RSA Conference last week.

LinuxSecurity.com Team
Mar 09, 2012

Hacking Quantum Cryptography Just Got Harder

No matter how complex they are, most secret codes turn out to be breakable. Producing the ultimate secure code may require encoding a secret message inside the quantum relationship between atoms, scientists say.

LinuxSecurity.com Team
Feb 22, 2012

'Predictably random' public keys can be cracked - crypto boffins

Analysis Cryptography researchers have discovered flaws in the key generation that underpins the security of important cryptography protocols, including SSL.

LinuxSecurity.com Team
Feb 16, 2012

RSA security flawed say researchers after collecting duplicate public keys

Cryptography researchers collected millions of X.509 public key certificates that are publicly available over the web and found what they say is a shockingly high frequency of duplicate RSA-moduli keys.

LinuxSecurity.com Team
Feb 15, 2012

Trustwave admits issuing 'man-in-the-middle' digital certificate

Digital Certificate Authority (CA) Trustwave revealed that it has issued a digital certificate that enabled an unnamed private company to spy on SSL-protected connections within its corporate network, an action that prompted the Mozilla community to debate whether the CA's root certificate should be removed from Firefox.

LinuxSecurity.com Team
Feb 08, 2012

DNSCrypt: a tool to encrypt all DNS traffic

DNS service provider OpenDNS has announced a preview release of a new open source tool to improve internet security: DNSCrypt encrypts all DNS traffic between a user's system and a DNS server. The tool is currently only available for the Mac, with a Windows version promised, and only works with OpenDNS's own DNS service.

LinuxSecurity.com Team
Dec 08, 2011

KPN Stops Issuing SSL Certificates After Possible Breach

The largest telecommunications company in the Netherlands has stopped issuing SSL (Secure Sockets Layer) certificates after finding indications that the website used for purchasing the certificates may have been hacked.

LinuxSecurity.com Team
Nov 07, 2011

Hackers Release DoS Attack Tool Targeting SSL Servers

A hacker group has released a proof-of-concept tool that exploits how encryption keys can be renegotiated to launch a distributed denial of service attack against Secure Sockets Layer servers.

LinuxSecurity.com Team
Oct 26, 2011

XML Encryption Flaw Leaves Web Services Vulnerable

Watch your Web Services: the official XML Encryption Syntax and Processing standard can be broken. So say two researchers from Ruhr-University Bochum in Germany, who have demonstrated a practical attack against XML's cipher block chaining (CBC) mode.

LinuxSecurity.com Team
Oct 25, 2011

Gmail Adds Encrypted Search to Foil Snoopers

Google is extending SSL encryption security to search traffic for all logged-in Gmail users, the company has announced. The key phrase here is 'by default' because it has been possible for Google search users to access encrypted search manually since May of last year using the https://www.google.com/ site.

LinuxSecurity.com Team
Oct 21, 2011

The SSL certificate industry can and should be replaced

The SSL certificate authorities like Comodo that have had their security undermined by hackers shouldn't be trusted, and in fact, the way the entire SSL certificate industry of today works can and should be replaced with something better, says Moxie Marlinspike, a security expert who's come up with a plan he says will do that.

LinuxSecurity.com Team
Oct 13, 2011

Authencity of Web pages comes under attack

The keepers of the Internet have become acutely concerned about the Web's core trustworthiness. Hackers cracked three companies that work with the most popular Web browsers to ensure the authenticity of Web pages where consumers type in sensitive information, such as account log-ons, credit card numbers and personal data.

LinuxSecurity.com Team
Sep 28, 2011

EFF inspects encryption tool for Adium, Pidgin IM clients

The digital watchdog Electronic Frontier Foundation (EFF) lent a technical hand to fix security problems in a tool used to encrypt instant messenger conversations using the Adium and Pidgin programs.

LinuxSecurity.com Team
Sep 26, 2011

Beware of BEAST decrypting secret PayPal cookies

Researchers have discovered a serious weakness in virtually all websites protected by the secure sockets layer protocol that allows attackers to silently decrypt data that's passing between a webserver and an end-user browser.

LinuxSecurity.com Team
Sep 21, 2011

Hackers break SSL encryption used by millions of sites

LinuxSecurity.com Team
Sep 20, 2011

Linux Cryptography

Abyss Locker Ransomware Targets Linux & Windows Users

Linux Foundation Joins Post-Quantum Cryptography Alliance

New Decryption Key Available for Babuk Tortilla Ransomware Victims