keys

Introducing DiceKeys

DiceKeys

| | cryptography, keys, passwords
DiceKeys is a physical mechanism for creating and storing a 192-bit key. The idea is that you roll a special set of twenty-five dice, put them into a plastic jig, and then ...
Schneier on Security

Audio Recordings Used to Copy Keys, Carnival Ransomware Attack, Social Media Profile Data Exposed

| | Carnival Cruise, Cybersecurity, Data leak, Digital Privacy, Episodes, keys, locks, Physical Security, Podcast, Privacy, Ransomware, social media, Vacation, web scraping, Weekly Edition
In episode 135 for August 24th 2020: Details on how researchers can use audio recordings of keys being used in locks to create copies, Carnival cruise lines becomes the victim of a ...
The Shared Security Show

Another Intel Speculative Execution Vulnerability

| | Exploits, Hacking, hardware, Intel, keys, sidechannelattacks, Vulnerabilities
Remember Spectre and Meltdown? Back in early 2018, I wrote: Spectre and Meltdown are pretty catastrophic vulnerabilities, but they only affect the confidentiality of data. Now that they -- and the research ...
Schneier on Security

Securing Internet Videoconferencing Apps: Zoom and Others

| | aes, encryption, internetandsociety, keys, nsa, securityengineering, videoconferencing
The NSA just published a survey of video conferencing apps. So did Mozilla. Zoom is on the good list, with some caveats. The company has done a lot of work addressing previous ...
Schneier on Security
Root KSK Ceremony 39

DNSSEC Keysigning Ceremony Postponed Because of Locked Safe

| | dns, keys, locks, safes
Interesting collision of real-world and Internet security: The ceremony sees several trusted internet engineers (a minimum of three and up to seven) from across the world descend on one of two secure ...
Schneier on Security

New SHA-1 Attack

| | academicpapers, certifications, cryptography, encryption, forgery, impersonation, keys, pgp, sha1
There's a new, practical, collision attack against SHA-1: In this paper, we report the first practical implementation of this attack, and its impact on real-world security with a PGP/GnuPG impersonation attack. We ...
Schneier on Security

TPM-Fail Attacks Against Cryptographic Coprocessors

| | academicpapers, cryptography, hardware, keys, tpm
Really interesting research: TPM-FAIL: TPM meets Timing and Lattice Attacks, by Daniel Moghimi, Berk Sunar, Thomas Eisenbarth, and Nadia Heninger. Abstract: Trusted Platform Module (TPM) serves as a hardware-based root of trust ...
Schneier on Security

NordVPN Breached

| | breaches, certificates, cryptography, Disclosure, encryption, keys, VPN
There was a successful attack against NordVPN: Based on the command log, another of the leaked secret keys appeared to secure a private certificate authority that NordVPN used to issue digital certificates ...
Schneier on Security

Crown Sterling Claims to Factor RSA Keylengths First Factored Twenty Years Ago

| | cryptanalysis, cryptography, encryption, keys, snakeoil
Earlier this month, I made fun of a company called Crown Sterling, for...for...for being a company that deserves being made fun of. This morning, the company announced that they "decrypted two 256-bit ...
Schneier on Security
Ryuk

Future-proofing Security in a Post-Quantum Cryptography World

| | cryptography, digital signatures, hash algorithms, keys, quantum computing
Post-quantum cryptography broadly represents cryptographic algorithms that are safe against threats from quantum computers. Quantum computers aren’t expected to come into play for a decade., which might leave you asking, “Why should ...
Security Boulevard
Load more