PDAs

A new report dashes any remaining illusions that 802.11-based (Wi-Fi) wireless local-area networks are in any way secure. The paper, written by three of the world's foremost cryptographers, describes a devastating attack on the RC4 cipher, on which the WLAN wired-equivalent privacy (WEP) encryption scheme is based.

PKI is a catchall term for the infrastructure required to manage digital certificates and highly secure encryption. It encompasses a great deal: industry standards, software and hardware systems, business processes and security policies - even human resources within a company responsible for carrying out various "trust processes."

But the purpose of PKI is simple: to let companies and organizations conduct business on private networks and the Internet with the same level of trust we had in the old paper-based world. PKI has two main components:

The French Credit Card uses a state of the art technology: a chip embedded with strong encryption measures. The authentification keys are 320 and 728 bits long and are RSA encoded. As soon as the private key was anonymously published on the Net back in March 2000, French hobbyists started working on an emulator which resulted in a software program being developed which enables hackers and others to clone or emulate a valid credit card. The proof of the authentification flaw was first demonstrated by Serge Humpich on July 1998.

The recently-introduced Macrovision "SafeAudio" system for copy-protecting CDs may have already been broken, according to at least one European cracker site.

The new system, which is intended to prevent the copying, or "ripping" of Audio CDs on a computer, allegedly does not affect audio playback on regular CD players, or even on the CD drives of PCs.

RSA Security, which makes security products used to protect and manage access to computer systems, on Tuesday said it would acquire privately held Securant Technologies for $136.5 million in cash, to add authorization technology to its product mix.

RSA's products ensure the authenticity of people, devices and transactions. With Securant's technology, it now will be able to offer products that control what those users see or do once they have been authenticated.

Jim Reavis, writing for NETWORK WORLD says that 'security products should begin rolling out this year based on Advanced Encryption Standard, which the U.S. government has selected to replace the current Data Encryption Standard, AES' predecessor. The National Institute of Standards and Technology (NIST) in October selected Rijndael (pronounced "rain doll"), the combined work of Belgian researchers Vincent Rijmen and Joan Daemen, as the basis for AES.

In this series, you'll learn how RSA and DSA authentication work, and see how to set up passwordless authentication the right way. In the first article of the series, Daniel Robbins focuses on introducing the RSA and DSA authentication protocols and showing you how to get them working over the network. Many of us use the excellent OpenSSH (see Resources later in this article) as a secure, encrypted replacement for the venerable telnet and rsh commands.

RSA Security is running a factoring challenge that offers would-be
code breakers a prize of up to $200,000 for finding the two numbers
of the kind used to create ultra-secure 2048-bit encryption key.

The idea of the RSA Factoring Challenge, which has been set
before with lower-strength ciphers, is to encourage research into
computational number theory and the practical difficulty of factoring
large integers.

Thomson Multimedia S.A. is banking on smart-card and encryption technology to put Hollywood more at ease with developing and distributing digital video content. Thompson's SmartRight system would use smart cards to prevent viewers of digital films and video broadcasts from sharing that content beyond the walls of their homes. Observers say movie studios and television broadcasters are concerned that a video version of Napster will lead to such redistribution and eat into home-entertainment revenue.

Gerald Gilbert, director of Mitre's Quantum Information Science Group, announced the possibility of a working prototype for a system that uses photons to transmit encrypted data within eighteen months. During Gilbert's presentation to the Quantum Applications Symposium this month, the Mitre scientist revealed that superconducting materials can be used to count photons at much higher rates than previously thought, allowing data transmission speeds of up to 1Gbps.