Moving plane exchanges quantum keys with Earth

Quantum key distribution (QKD) uses photons polarised in two different ways to encode the 0s and 1s of an encryption key. The laws of quantum mechanics ensure the transmission is secure, as any attempt to intercept the key disturbs the polarisation – a tip-off to the receiver that the key has been seen and should be discarded.

via Moving plane exchanges quantum keys with Earth – tech – 16 September 2012 – New Scientist.

The researchers kept the laser on track using moving mirrors both in the aircraft and on the ground. Performing the experiment shortly after sunset avoided interference from sunlight. The transmission lasted for 10 minutes, amounting to a key long enough to encrypt 10 kilobytes of data. The team presented the work at the QCrypt conference in Singapore on 12 September.

Which SSL certificate should I buy?

SSL certificates that most web browsers can accept without grief are sold by a relatively small number of companies. That’s because the major web browsers are shipped with a certain set of “root certificate authorities” that they trust… and if your certificate isn’t signed by one of those authorities, or by a certificate “chained” from one of them, then you’re out of luck – the web browser will display a scary warning to the user or, in some cases, refuse to work with your site at all.

The cost of SSL certificates varies quite a bit, from as little as $20 to as much as $1,000 or more. Why such a big difference? There are three main reasons:

via WWW FAQs: Which SSL certificate should I buy?.

2. Some certificates are directly signed by a trusted root certificate, while others are “chained” from another “intermediate” certificate. This isn’t really a problem, as long as the company selling you the chained certificate really does own the root certificate. But some webmasters get confused by intermediate certificates, fail to install them correctly, and mistakenly think they have purchased a bad certificate. So chained certificates are usually less expensive to allow for this inconvenience, even though there is no real technical disadvantage.

Shor’s algorithm

If a quantum computer with a sufficient number of qubits were to be constructed, Shor’s algorithm could be used to break public-key cryptography schemes such as the widely used RSA scheme. RSA is based on the assumption that factoring large numbers is computationally infeasible. So far as is known, this assumption is valid for classical (non-quantum) computers; no classical algorithm is known that can factor in polynomial time. However, Shor’s algorithm shows that factoring is efficient on a quantum computer, so a sufficiently large quantum computer can break RSA. It was also a powerful motivator for the design and construction of quantum computers and for the study of new quantum computer algorithms. It has also facilitated research on new cryptosystems that are secure from quantum computers, collectively called post-quantum cryptography.

via Shor’s algorithm – Wikipedia, the free encyclopedia.

A Quantum Computer Finds Factors

A quantum computer, on the other hand, promises to factor a number of any size in one operation and, if one can be built, the future of the PKI looks bleak and we would have to find encryption methods that were safe against a quantum attack.

via A Quantum Computer Finds Factors.

Of course, factoring 15 isn’t something that is going to threaten the PKI and cryptography in general, but factoring larger numbers is just a matter of increasing the number of qubits and this approach does seem to be a scalable solid state approach.
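The link between factoring and RSA in the Shor's algorithm excerpt, and the factoring of 15 mentioned here, can be followed in this added Python example (not code from either quoted article). It runs the classical reduction from factoring to order finding, with a brute-force loop standing in for the quantum period-finding step; the function names and the textbook-size key (n = 3233, e = 17) are constructed for the illustration and go beyond the single case of 15.

```python
from math import gcd

def order(a, n):
    """Smallest r > 0 with a**r % n == 1 (requires gcd(a, n) == 1).
    Shor's algorithm finds r with quantum period finding; this loop is
    the exponential-time classical stand-in."""
    r, x = 1, a % n
    while x != 1:
        x = (x * a) % n
        r += 1
    return r

def factor_via_order(n):
    """Classical post-processing of Shor's algorithm.
    Assumes n is an odd composite that is not a prime power."""
    for a in range(2, n):
        g = gcd(a, n)
        if g != 1:
            return g, n // g          # a already shares a factor with n
        r = order(a, n)
        if r % 2 == 1:
            continue                  # odd order: try the next base
        y = pow(a, r // 2, n)
        if y == n - 1:
            continue                  # a^(r/2) = -1 (mod n): try the next base
        p = gcd(y - 1, n)             # y*y = 1 with y != +-1, so p is a proper factor
        return p, n // p
    raise ValueError("no factor found; is n prime or a prime power?")

def private_exponent(n, e):
    """With the factors of n known, the RSA private exponent follows directly."""
    p, q = factor_via_order(n)
    return pow(e, -1, (p - 1) * (q - 1))

if __name__ == "__main__":
    print("factors of 15:", factor_via_order(15))
    n, e = 3233, 17                   # constructed textbook-size public key
    d = private_exponent(n, e)
    c = pow(65, e, n)                 # constructed message 65, encrypted
    print("recovered d:", d, "| decrypted:", pow(c, d, n))
```

Only `order` becomes efficient on a quantum computer; everything else is ordinary arithmetic, which is why RSA's security rests entirely on that one step being hard.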

LinkedIn Password Leak: Salt Their Hide

Let me walk through the process of password protection and explain why unsalted passwords are only infinitesimally better than plaintext passwords:

via LinkedIn Password Leak: Salt Their Hide – ACM Queue.

Conclusion

LinkedIn is learning fast right now: according to their damage control missives, they have now implemented salting and “better hashing.” But we have yet to find out why nobody objected to them protecting 150+ million user passwords with 1970s methods.

And everybody else should take notice too: Even if you use md5crypt, you should upgrade your password scrambling algorithm. As a rule of thumb: If it does not take a full second to calculate the password hash, it is too weak.
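To make the salting and cost points above concrete, this added Python example (not code from the ACM Queue article) stores the same constructed accounts with unsalted SHA-1 and with salted PBKDF2-HMAC-SHA256, then calibrates the iteration count against a time target. PBKDF2, the storage format and all helper names are choices made for this example.

```python
import hashlib
import hmac
import os
import time
from collections import defaultdict

# Constructed sample accounts; alice and bob share a password on purpose.
USERS = {"alice": "linkedin123", "bob": "linkedin123", "carol": "correct horse"}

def unsalted_sha1(password):
    """The weak scheme: one fast hash, no salt."""
    return hashlib.sha1(password.encode()).hexdigest()

def hash_password(password, iterations):
    """Per-user random salt plus an iterated hash; parameters travel with the digest."""
    salt = os.urandom(16)
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), salt, iterations)
    return f"pbkdf2-sha256${iterations}${salt.hex()}${dk.hex()}"

def verify_password(password, stored):
    scheme, iterations, salt_hex, dk_hex = stored.split("$")
    if scheme != "pbkdf2-sha256":
        return False
    dk = hashlib.pbkdf2_hmac("sha256", password.encode(), bytes.fromhex(salt_hex), int(iterations))
    return hmac.compare_digest(dk, bytes.fromhex(dk_hex))  # constant-time compare

def shared_hashes(table):
    """Groups of users whose stored hashes are identical (visible password reuse)."""
    groups = defaultdict(list)
    for user, stored in table.items():
        groups[stored].append(user)
    return sorted(sorted(g) for g in groups.values() if len(g) > 1)

def calibrate(target_seconds, start=10_000):
    """Double the iteration count until one hash takes at least target_seconds here."""
    iterations = start
    while True:
        t0 = time.perf_counter()
        hashlib.pbkdf2_hmac("sha256", b"benchmark", b"0" * 16, iterations)
        if time.perf_counter() - t0 >= target_seconds:
            return iterations
        iterations *= 2

if __name__ == "__main__":
    cost = calibrate(0.05)  # short target for the demo; the article's rule of thumb is 1.0
    weak = {u: unsalted_sha1(p) for u, p in USERS.items()}
    strong = {u: hash_password(p, cost) for u, p in USERS.items()}
    print("identical hashes, unsalted:", shared_hashes(weak), "| salted:", shared_hashes(strong))
    print("iterations:", cost, "| login check:", verify_password("linkedin123", strong["bob"]))
```

In the unsalted table one precomputed digest exposes every account that shares the password; with per-user salts each stored hash has to be attacked separately at the calibrated cost.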

AACS encryption key controversy

A controversy surrounding the AACS cryptographic key arose in April 2007 when the Motion Picture Association of America and the Advanced Access Content System Licensing Administrator, LLC (AACS LA) began issuing demand letters[2] to websites publishing a 128-bit (16-byte) number, represented in hexadecimal as 09 F9 11 02 9D 74 E3 5B D8 41 56 C5 63 56 88 C0[3][4] (commonly referred to as 09 F9),[5][6] which is one of the cryptographic keys for HD DVDs and Blu-ray Discs. The letters demanded the immediate removal of the key and any links to it, citing the anti-circumvention provisions of the U.S. Digital Millennium Copyright Act (DMCA).

via AACS encryption key controversy – Wikipedia, the free encyclopedia.

Ostiary

If you leave such programs running all the time, you take the risk that someone is going to use an exploit on you before you have a chance to apply a patch. For some purposes, this is an acceptable – even necessary – tradeoff, but it would be nice to enable them only when actually needed, to minimize the risk. And for other purposes, ssh et al. are overkill. Perhaps you only really need to remotely initiate a limited set of operations. In this case, you don’t need a shell prompt, just a way to securely kick off scripts from elsewhere.

Enter ‘Ostiary’. It is designed to allow you to run a fixed set of commands remotely, without giving everyone else access to the same commands. It is designed to do exactly and only what is necessary for this, and no more. The only argument given to the command is the IP address of the client, and only if the authentication is successful.

via Ostiary.

TrueCrypt

TrueCrypt – Free Open-Source On-The-Fly Disk Encryption Software for Windows 7/Vista/XP, Mac OS X and Linux.

Main Features: