With a little bit of technical acumen and a few hundred dollars, enterprising thieves can walk away with some late-model cars and gas them up for free to boot, according to research published by computer security experts at the Johns Hopkins University in Baltimore and RSA Security Inc.'s RSA Laboratories in Bedford, Mass.
With the recent news of weaknesses in some common security algorithms (MD4, MD5, SHA-0), many are wondering exactly what these things are: They form the underpinning of much of our electronic infrastructure, and in this Guide we'll try to give an overview of what they are and how to understand them in the context of the recent developments.
But note: though we're fairly strong on security issues, we are not crypto experts. We've done our best to assemble (digest?) the best available information into this Guide, but we welcome being pointed to the errors of our ways.
Storage experts said Bank of America's loss of tapes housing the personal information of 1.2 million government employees suggests the data on them was not encrypted. The case is seen spurring calls for encrypting customer data.
Data encryption renders files unreadable to users, greatly mitigating the security risk brought on by the theft or misplacement of tape cartridges that include stored files.
L33tdawg: Much love to Fyodor Yarochkin for the heads up on this ;)
SHA-1 has been broken. Not a reduced-round version. Not a simplified version. The real thing.
The research team of Xiaoyun Wang, Yiqun Lisa Yin, and Hongbo Yu (mostly from Shandong University in China) have been quietly circulating a paper describing their results:
Voltage Security is expected to announce on Monday that cell phone maker Siemens is putting its encryption technology to the test.
Ten corporate customers of Siemens' communications group will take part in a beta of Voltage's identity-based encryption, or IBE, toolkit, set to be unveiled Monday. The technology takes identity information--such as an e-mail address, phone number or IP address--and uses that for the public key for a cryptographic system, said Matt Pauker, company co-founder.