The use of data encryption could make organizations vulnerable to new risks and threats, a panel of security experts warned.
Many organizations are encrypting their stored data to relieve concerns over data theft or loss - for example, U.S. mandatory disclosure laws on data breaches do not apply to encrypted data.
However, experts from IBM Internet Security Systems, Juniper, nCipher and elsewhere said that data encryption also brings new risks, in particular via attacks - deliberate or accidental - on the key management infrastructure.
German police are unable to decipher the encryption used in the Internet telephone software Skype to monitor calls by suspected criminals and terrorists, Germany's top police officer said on Thursday. Skype allows users to make telephone calls over the Internet from their computer to other Skype users free of charge.
Law enforcement agencies and intelligence services have used wiretaps since the telephone was invented, but implementing them is much more complex in the modern telecommunications market where the providers are often foreign companies.
A highly respected cryptographer warned on Friday that the increasing sophistication of computer chip design raises the risk that undetected bugs could be used to crack public key encryption systems. The warning was issued by Adi Shamir, a professor at Israel's Weizmann Institute of Science. The "S" in RSA, one such public key encryption algorithm, belongs to Shamir.
According to security experts, an algorithm for generating random numbers that is included in an official standard documented by the National Institute of Standards and Technology (NIST) could include a backdoor planted by the NSA.
In an ironic twist, a British team operating a World War II code-breaking computer has been beaten in a cipher-breaking contest by a German.
In the Cipher Challenge, a competition run by the U.K.'s National Museum of Computing on Thursday and Friday, the cipher-breaking computer Colossus had to decode encrypted radio communications intercepted from Paderborn in Germany. Competing against Colossus, which took 14 years to rebuild, were radio enthusiasts from across Europe, who had to beat the WWII code cracker using whatever computing means they had at their disposal.