Two killjoy researchers from the University of Cambridge have cast doubt on whether quantum cryptography can be regarded as ‘provably secure’ – and are asking whether today’s quantum computing experimentation is demonstrating classical rather than quantum effects.
Computer scientists Ross Anderson and Robert Brady have published their discussion at Arxiv, here. In the paper, they examine two key issues in quantum research. As well as looking at the cryptography question, they also examine why quantum computing research is finding it hard to scale beyond three qubits.
Denial of service vulnerabilities have been found in cryptographic systems underpinning host of web applications including those offered by Google, Microsoft, Yahoo and those based on Java among scores of others.
The attacks target weaknesses in the hash algorithms that permit multiple hash collisions to take place. This can quickly overload any application using a vulnerable hash algorithm.
Mega's high-profile launch was under a lot of scrutiny, for obvious reasons, with many curious to see how the fabled encryption features would work. Mega boasted client-side encryption to ensure total privacy over the uploaded files.
But Mega also made it possible to share those files and didn't require users to actually remember or store any key, things which could mean weaker security.
A security researcher has found a cryptographic flaw in the Mega cloud service that could reveal user passwords.
The Mega cloud service was launched on Monday.
ElcomSoft has built a utility that forages for encryption keys in snapshots of a PC's memory to decrypt PGP and TrueCrypt-protected data.
Forensic Disk Decryptor attempts to unlock information stored in disks and volumes encrypted by BitLocker, PGP or TrueCrypt. The tool is designed for criminal investigators, IT security bods and forensic specialists. PGP and TrueCrypt set the industry standard for whole-disk or partition encryption.