What Does The Recent SHA-1 Attack Mean For You And Your Organization?
Some top cryptographers have recently announced a significant step toward breaking the SHA-1 hash algorithm. Their work is described here and here, and also check out their paper. What does this mean for you and your organization? Let me start with a bit of background so the following makes sense. What Is A Hash? A […]
What Is Post-Quantum Cryptography And What Does It Mean For Us?
A recent NSA update addressed the Suite B cryptographic algorithms approved by NSA for protecting U.S. Government data. If you skip ahead to its table of recommendations you will see that some old friends have disappeared — AES with a 128-bit key and SHA-256 have been quietly dropped. The more startling part is in the […]
The SSL/TLS protocol suite is critical for Internet security. Unfortunately, it’s one of those things that’s nice in theory but messy in practice. Good news — a very promising project is bringing help! We commonly say that we use SSL to secure Internet activity. However, that statement taken literally is very out of date! We […]
Learning How Crypto Works
A friend asked me recently to explain some mathematics relating to encryption. The math was a bit beyond the person’s understanding and I looked for a simpler explanation. I found one and I think it will be a big help to many people who want a basic understanding of the math behind how encryption works. […]
The Dark Mail Alliance is a Promising Cloud-Based Email Project
“We believe email is fundamentally broken in its current architecture.” That’s the CEO of Silent Circle, a former and hopefully future provider of secure cloud-based email, talking about the Dark Mail Alliance project that Silent Circle and Lavabit are working on. Lavabit suddenly shut down with little explanation and no warning in August. It became […]