Is Curtailing the Use of Encryption Apps a Good Idea?
Here in the US, and indeed in the press around the world, there are new calls to curtail the use of encryption. I suppose it is natural for politicians to seek boogeymen. Encryption is a good one as it just sounds like something only governments and bad guys would want to use. Never mind that […]
What Is Post-Quantum Cryptography And What Does It Mean For Us?
A recent NSA update addressed the Suite B cryptographic algorithms approved by NSA for protecting U.S. Government data. If you skip ahead to its table of recommendations you will see that some old friends have disappeared — AES with a 128-bit key and SHA-256 have been quietly dropped. The more startling part is in the […]
Data Encryption and Key Escrow – Easy Government Access or Protection of Individual Rights?
In Learning Tree’s System and Network Security Introduction we spend a lot of time talking about encryption. That’s because encryption is the core technology behind confidentiality, which is one of the key concepts in cyber security. One issue in the use of security is who can access encrypted data. I can, for example, encrypt a […]
Let’s Encrypt- What you Need to Know About the EFF’s Initiative
If you’ve been reading this blog for even a little while you might think I am obsessed with encryption and authentication (especially passwords). You’d probably be right, even though I am not under the illusion that either is any type of panacea. You’d probably guess that I’d be excited that the Electronic Frontier Foundation (EFF) […]
Steganography — Hiding in (Not-so-) Plain Sight
“Security through obscurity” is likely never enough by itself, but it can help, at least sometimes. It can sometimes provide another layer of defense. If a burglar doesn’t know you have a safe behind the bookshelf (I don’t!), she is less likely to find it and try to crack into it. Likewise if an attacker […]