Skip to main content

Encryption

Encryption alone will not secure data, warns expert after code cracks

posted onJanuary 12, 2010
by hitbsecnews

An encryption method used to keep mobile phone calls secret was cracked in December by a German computer scientist. Last week another form of data encryption, 768-bit RSA encryption, was cracked by researchers who used distributed computing power to process numbers, finding the key to unlock data.

A more secure form of that encryption, 1,024-bit encryption, has not been cracked. The researchers involved said that it would take another decade to crack that encryption.

Encryption software is set to soar

posted onJanuary 12, 2010
by hitbsecnews

JUNIPER RESEARCH reckons that with the value of enterprise information rocketing almost three quarters of handsets will soon need to have added encryption technology.

Juniper said that almost 80 million corporate devices would need extra security by 2014. The numbers come from the report titled Endpoint Security for Business: Desktops, Laptops & Mobile Devices 2009-2014, and tells us that the largest consumers of such tech will come from the UK, closely followed by the US, China and South East Asia.

768-bit RSA encryption has been cracked

posted onJanuary 12, 2010
by hitbsecnews

The days of relying on encryption to protect private data are coming to an end after it emerged that the use of distributed computing resources resulted in the cracking of the seemingly impregnable 769-bit RSA encryption standard.

Hot on the heels of news that the GSM A5/1 encryption system has been cracked comes reports that a second crypto system - 768-bit RSA - has now been hung out to dry using a cluster PC brute-force approach. It emerged over the weekend news that the 768-bit RSA encryption was cracked - generating a huge five-terabyte password file in the process.

Hackers yet to succeed in $250,000 encryption challenge

posted onJanuary 5, 2010
by hitbsecnews

Hackers have yet to claim the $250,000 prize offered by Israel-based data encryption firmGold Lockto anyone who can defeat its technology.

In October 2009 the firm offered $100,000 in gold to anyone that could provide a transcript of a cellular call that was encrypted using one of the company's products and posted on its website.

Researchers demonstrate brilliant quantum hack

posted onJanuary 4, 2010
by hitbsecnews

Two researchers have shown how they can eavesdrop unnoticed on a provably secure quantum key distribution. To do so, Qin Liu and Sebastien Sauge did not of course change the laws of quantum physics. Instead, in archetypal hacker fashion, they successfully attacked the weakest point of a real world, and thus imperfect, implementation of a quantum key distribution system.

Getting Started With Full Disk Encryption

posted onDecember 13, 2009
by hitbsecnews

There was a time, not all that long ago, when a fully-encrypted system disk was something only for people with money to burn. You bought a special disk controller which performed hardware-based encryption, and then trusted the hardware vendor to make sure everything was implemented properly -- e.g., that they were using a good algorithm, that the key size for the encryption wasn't laughably short, and so on.

Encryption Is Cloud Computing Security Savior

posted onNovember 16, 2009
by hitbsecnews

I'm beginning to think that fears about cloud security are overblown. The reason: an intellectual framework is already in place for protecting data, applications, and connections. It's called encryption. What's evolving now, and isn't anywhere near fully baked, is a set of agreed-upon implementations and best practices. Today's post talks about some relevant and interesting work from Trend Micro and from IBM (NYSE: IBM).

Voters Test New Cryptographic Voting System

posted onNovember 4, 2009
by hitbsecnews

It’s an election system voters and math geeks can embrace.

On Tuesday voters in Takoma Park, Maryland, got to try out a new, transparent voting system that lets voters go online to verify that their ballots got counted in the final tally. The system also lets anyone independently audit election results to verify the votes went to the correct candidates.

Crypto spares man who secretly video taped flatmates

posted onOctober 21, 2009
by hitbsecnews

An Australian man who set up an elaborate network of hidden cameras to spy on his flatmates has escaped jail time after police were unable to crack the encryption scheme protecting his computer.

When police raided the residence of Rohan James Wyllie, they found found a series of peepholes drilled into the walls and doors of rooms occupied by his two female and one male flatmates. Wires led to Wyllie's bedroom, and the names of files on his computer were consistent with video footage that would have been recorded onto the hard drive of his computer.

Full Disk Encryption Dos and Don'ts

posted onOctober 21, 2009
by hitbsecnews

Full disk encryption (FDE) systems use strong encryption algorithms to automatically protect all data stored on the hard drives of PCs and laptop computers. Users can access the data via an authentication device, such as a password, token or smart card. This enables the system to retrieve the key that decrypts the disk. On many systems, functions such as key management, access control, lock-outs, reporting and recovery are all managed centrally.