Tag: Diffie-Hellman

We cannot have cyber security without cryptography! Confidentiality requires encryption of the sensitive data. Integrity is important, hash functions let us detect inappropriate modification of data and system configurations. Authentication of users and hosts can be done in many ways, and the more secure methods involve hash functions, encryption, or some combination of the two. […]

In a previous post,  I summarized some academic papers in which prominent cryptographers and other security experts took a very skeptical look at current cryptography, both research and practical systems. It’s not just e-mail plugins and other desktop computer applications that can disappoint us. One of the papers showed that the APCO Project 25 two-way […]

One question I get from course participants when I teach Learning Tree’s System and Network Security Introduction is, “How does Diffie-Hellman key exchange work?” I’ll answer that for you here with a slightly simplified explanation (the details I’m leaving out deal with intricacies of discrete math). First, let’s look at why we need Diffie-Hellman (DH) […]

A recent NSA update addressed the Suite B cryptographic algorithms approved by NSA for protecting U.S. Government data. If you skip ahead to its table of recommendations you will see that some old friends have disappeared — AES with a 128-bit key and SHA-256 have been quietly dropped. The more startling part is in the […]