Encryption

Voltage Security is expected to announce on Monday that cell phone maker Siemens is putting its encryption technology to the test.

Ten corporate customers of Siemens' communications group will take part in a beta of Voltage's identity-based encryption, or IBE, toolkit, set to be unveiled Monday. The technology takes identity information--such as an e-mail address, phone number or IP address--and uses that for the public key for a cryptographic system, said Matt Pauker, company co-founder.

Researchers have discovered cryptographic vulnerabilities in the RFID technology used in high-security car keys and petrol pump payment systems. The attack against Texas Instruments DST tags used in vehicle immobilisers and ExxonMobil's SpeedPass system was identified by experts at Johns Hopkins University and RSA Laboratories.

Steve Wozniak's Wheels of Zeus is beginning to roll, and enterprise data protection is one destination on the Apple Computer Inc. co-founder's mind. Wozniak offered a peek into his vision for the company on Ziff Davis Media's Security Virtual Tradeshow, where he introduced "wOz Location-Based Encryption," an application that uses GPS tracking within a wireless hub to encrypt and decrypt sensitive data for large businesses.

Wireless networks running the open-source MeshAP will be able to handle encrypted traffic almost as fast as unencrypted

A hardware-based cryptographic technology developed by VIA Technologies could allow distributed wireless networks to transmit encrypted data much faster than before.

The VIA PadLock ACE (Advanced Cryptography Engine) runs on top of VIA's C5P Nehemia core processor. It is capable of encrypting or decrypting data at a maximum rate of 12.8 Gigabits per second, and can cope with 128-bit, 196-bit and 256-bit keys.

It's a hacker's nightmare but a dream for bankers and spies: A computer network so secure that even the simplest attempts to eavesdrop will interrupt the flow of data and alert administrators to the snooping.

The work by researchers at Harvard University, Boston University and BBN Technologies is the closest scientists have come to a real-world quantum encryption system that uses light particles called photons to lock and unlock information instead of random-number "keys."

At the Crypto 2004 conference in Santa Barbara, Calif., this week, researchers announced several weaknesses in common hash functions. These results, while mathematically significant, aren't cause for alarm. But even so, it's probably time for the cryptography community to get together and create a new hash standard.

Encryption circles are buzzing this week with news that mathematical functions embedded in common security applications might have previously unknown weaknesses.

The excitement began last Thursday with an announcement that French computer scientist Antoine Joux had uncovered a flaw in a popular algorithm called MD5, often used with digital signatures. Then four Chinese researchers released a paper that reported a way to circumvent a second algorithm, SHA-0.

The trick of public key encryption -- the best known approach is called RSA for the initials of its inventors -- is that one key can be used to scramble the data while a different, mathematically related, key is used to unscramble it. When you download a digitally signed program, the first thing your computer does is check the Web site's digital certificate. It then queries the CA that issues the certificate to make sure it's still valid and to obtain the public key.

This lengthy and highly technical primer provides a gentle yet thorough introduction to elliptical key cryptography (ECC), said to be ideal for resource-constrained systems because it provides more "security per bit" than other types of asymmetric cryptography. The paper is from Certicom, which markets Security Builder toolkits targeting various popular desktop, server, and embedded operating systems. Asymmetric cryptography is a marvellous technology. Its uses are many and varied.

Recent reports that the United States had broken codes used by the Iranian intelligence service have intrigued experts on cryptology because a modern cipher should be unbreakable. Four leading British experts told BBC News Online that the story, if true, points to an operating failure by the Iranians or a backdoor way in by the National Security Agency (NSA) - the American electronic intelligence organisation.