Tag: RSA

I wrote a series of blog posts a while ago about SSH authentication using cryptographic keys rather than passwords. I discussed why SSH keys provide easier authentication, how to set up an SSH key agent, and how to maintain multiple websites. There are two areas of security to consider regarding SSH. I think of them […]

This week I will show you how to set up cryptographic authentication. Two Benefits at Once! Security and convenience are usually at odds, an increase in one usually has the collateral damage of driving the other one down. But cryptographic authentication is a rare opportunity to make things both more secure and easier to use. […]

If we don’t carefully distinguish between necessary and sufficient when we are analyzing information assurance systems, we may become dangerously confident in a system that is actually quite weak. This Isn’t A New Problem Cryptography enthusiast Edgar Allan Poe wrote, in “A Few Words On Secret Writing” in Graham’s Magazine in July 1841: “Few persons […]

When I taught computer programming classes in the 1980s, many first=time C programmers would write a Trojan login program for fun. They’d simulate the login prompt (no Windows back then). I gave a bit more info about this when I first wrote about Trojans on thus blog. Trojans are a form of social engineering: the […]

Last week I started telling you about an recent interesting paper, “A Riddle Wrapped in an Enigma” by two highly respected cryptographers, Neal Koblitz and Alfred Menezes. I gave you the background last week: the NSA’s long interest in ECC (or Elliptic Curve Cryptography), some reports of NSA back doors inserted into standardized algorithms, and […]