We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
Francisco Perez lets us know of support for the HiFn crypto board. "The driver provides crypto acceleration for FreeSwan IPSEC application and others. Security Data is an I.T Security services & OEM producer of Security Equipment based on Linux OS.. . .
Theoretical attacks against AES (Advanced Encryption Standard) winner Rijndael and runner-up Serpent have been published. They might work in the practical world; they might not. That's about all we can say from the latest edition of Bruce Schneier's CryptoGram newsletter, which . . .
Encapsulating security payloads, key exchange mechanisms and other components of establishing secure data transfers. In Part 2, we move on to encapsulating security payloads and key exchange mechanisms. IPSec ESP format, specified in RFC 2406, provides confidentiality, authenticity and integrity.. . .
Explaining IPSec, different levels of security and how to be safe sending and receiving packets over the network. .. VPNs (virtual private networks, i.e., private networks deployed over a public packet infrastructure) are definitely emerging as the solution of choice for the interconnection of distant offices belonging to the same company.. . .
For more than a decade, the United States government classified encryption technology as a weapon. Now that label might actually apply. Security-consulting firm Foundstone said Thursday that e-mail messages encrypted with the Pretty Good Privacy program can be used as digital bullets to attack and take control of a victim's computer.. . .
Wireless has been on the mind of NIST officials for some time. Understanding the inherent risk of unsecure wireless networks ripe for the picking using such easy-to-install programs like NetStumbler, the agency put out a call in July asking for recommendations . . .
The GNU bc threaded code compiler, included with most Linux distributions, provides arbitrary precision arithmetic that can handle the large numbers used in modern cryptography. Here we use the bc compiler to explore Diffie-Hellman public key encryption. . .
Encryption, decryption and code breaking came into the public consciousness in the 1980s with popularity of the movie War Games. It became newsworthy in the 1990s with the legal battles surrounding PGP and the political discussion of the Clipper Chip. Now, . . .
In 1998 cryptographer Paul Kocher developed a method for deducing the secret key embedded in a cryptographic smart card by monitoring tiny fluctuations in power consumption. Three years earlier, at the tender age of 22, he made headlines with a technique to compromise implementations of the RSA algorithm -. . .
This week's lists.freeswan.org Email Summary reports that Michael Richardson debated the new DNS Key-Restrict draft with folks from the list This email address is being protected from spambots. You need JavaScript enabled to view it.. If that draft is widely implemented, FreeS/WAN will need to use a different DNS record type to distribute public keys. Interesting stuff.. . .
The scope and character of today's computing environment is changing dramatically. There are more systems in more locations and these are often spread across the world. Many, if not most, IT organizations today, are running lights-out data center operations. There are . . .
Bad things do happen to good code. So learned Phil Zimmermann, author of Pretty Good Privacy, which in the early 1990s became the de facto standard for cryptology development on the Internet, according to analysts and user groups. . .
Manish Arya has contributed an article he has written on using FreeS/WAN to build a VPN. "IPsec has many implementations.one of the common IPsec implementations is Freeswan. IPsec provides encryption and authentication services at the IP (Internet Protocol) level of the network protocol stack. freeswan is a opensource IPsec implementation available from www.freeswan.org. IPsec can protect any traffic carried over IP, unlike other encryption which generally protects only a particular higher-level protocol. . .
The Internet Engineering Task Force (IETF) has published standards for improvements to SSL which add support for the recently ratified Advanced Encryption Standard. Request for Comments (RFC) 3268 adds support for AES to the TLS protocol (Transport Layer Security - which. . .
Demand is growing for desktop and wireless encryption but Network Associates (NAI) says it has no plans to resurrect its Pretty Good Privacy (PGP) range, despite requests from users. The IT security firm announced it was suspending the development of its. . .
Five years ago, when the Organization for Economic Cooperation and Development (OECD) released their guidelines for cryptography policy, crypto advocates cheered and declared victory. After a hard fought battle, we had forced the OECD to back away from the U.S. government's . . .
Sometime in July, a team of hackers will try to break into the computer networks that run key utilities around the U.S. The strikes won't come from Islamic cyberterrorists -- who in recent days have been rumored to be planning such attacks themselves -- but rather from friendly teams of security analysts the Electric Power Research Institute has hired to find chinks in the armor of conventional power plants.. . .
You're exposing yourself to significant risk as long as the data on your network (data in transit) and in your storage (data at rest) is not encrypted. That's what a paranoid security specialist will tell you. . .
Security needs to be provided end-to-end or host to host. The IETF's security role is to ensure that IETF standard protocols have the necessary features to provide appropriate security for the application as it may be used across the Internet. Mandatory . . .
ARM has licensed a security accelerator core from SafeNet Inc. (Baltimore, Md.), a security technology leader in the virtual private network (VPN) market. The move responds to concerns about security in consumer and business applications, from wireless to smart-card chips. . .
Like staying secure? So do we.
Sign up for updates, tips, and alerts!
