December 11, 2024 at 04:47PM Cavero Quantum has developed a cryptographic system using symmetric keys to counter future threats from quantum computing and harvest now, decrypt later attacks. Their unique method ensures mutual key generation without sharing information publicly, aiming to enhance privacy and security across various industries, including finance and telecommunications. ### Meeting Takeaways: … Read more
October 23, 2024 at 10:07AM Avast has launched a free decryptor for the Mallox ransomware following the discovery of a vulnerability in its cryptographic system. **Meeting Takeaways:** 1. **Release Announcement**: Avast has launched a free decryptor specifically for the Mallox ransomware. 2. **Reason for Release**: The decryptor was developed after Avast identified a vulnerability in … Read more
October 17, 2024 at 04:41AM Researchers from the University of Toronto’s Citizen Lab found that WeChat’s modified cryptographic protocol, MMTLS, introduces security weaknesses. Key issues include the business-layer encryption not securing metadata and the potential for network-based attacks. The app lacks end-to-end encryption, allowing Tencent to access user messages, raising privacy concerns. ### Meeting Summary … Read more
October 16, 2024 at 05:52PM Researchers at Shanghai University have shown that quantum mechanics can threaten current encryption systems, using a D-Wave quantum computer to factor a 50-bit integer. While this does not endanger existing 2048-bit keys, it highlights potential cryptographic vulnerabilities, emphasizing the need for organizations to adopt quantum-resistant encryption soon. ### Meeting Takeaways … Read more
August 23, 2024 at 03:37PM The arrival of post-quantum computing in the real world means a race against the 10-year timeline set by NIST for updating vulnerable cryptography. The transition to post-quantum cryptography requires careful planning, including asset inventory, remediation, and collaboration with vendors and partners. The urgency of this shift cannot be overstated, as … Read more
August 13, 2024 at 08:06AM NIST has formally published three post-quantum cryptography standards resulting from a competition aimed at developing encryption resistant to quantum computing decryption. The standards are ML-KEM, ML-DSA, and SLH-DSA, with a fourth, FN-DSA, selected for future standardization. IBM played a significant role in their development and is actively involved in quantum-safe … Read more
June 12, 2024 at 03:43PM AWS has launched FIDO2 passkeys for multi-factor authentication, boosting account security. These passkeys use public key cryptography and resist phishing attacks. Amazon encourages users to adopt MFA, planning to make it mandatory for root account users by July 2024. The company is committed to enhancing MFA adoption via CISA’s Secure … Read more
May 7, 2024 at 12:03PM Niobium raised $5.5 million in seed funding for its hardware accelerator focused on zero trust computing. The company’s technology, based on fully homomorphic encryption (FHE), aims to process encrypted data without access to actual data. Niobium’s SoC-based PCIe card significantly accelerates FHE software solutions and plans to target various industries … Read more
February 6, 2024 at 05:32PM The Linux Foundation launches the Post-Quantum Cryptography Alliance (PQCA) to advance post-quantum cryptography and address security challenges posed by quantum computing. Supported by industry leaders, the PQCA seeks to develop high-assurance software implementations and support the adoption of post-quantum algorithms. The initiative encourages participation and collaboration. More info at PQCA … Read more
December 6, 2023 at 11:41AM At Black Hat Europe 2023, a team from Microsoft, GitHub, and Banco Santander unveiled open source tools to detect weak cryptography, urging updates for quantum computing security. Their study found widespread use of outdated algorithms like RSA and SHA-1 in open source projects. The tools enable developers to assess and … Read more