• CryptocurrencyThe real risks quantum attacks will pose for Bitcoin

    Combining expertise in quantum technologies and cryptography, researchers have been projecting future dates that quantum computers could jeopardize the security of current cryptocurrencies, a market now worth over $150 billion, and assessing countermeasures to such attacks.

  • EncryptionReal security requires strong encryption – even if investigators get blocked

    By Susan Landau

    The FBI and the U.S. Department of Justice have been fighting against easy, widespread public access to encryption technologies for 25 years. Since the bureau’s dispute with Apple in 2016 over access to the encrypted iPhone of one of the two people who shot 14 victims in San Bernardino, California, this battle has become more pitched. This dispute is not about whether regular people can or should use encryption: The U.S. government is in favor of using encryption to secure data. Rather, it’s about the FBI’s demand that encryption systems include “exceptional access,” enabling police who get a warrant to circumvent the encryption on a device or on an encrypted call. The demand for exceptional access by law enforcement is a broad threat to fundamental parts of American society, and it poses a serious danger to national security as well as individual privacy. As technology changes, the jobs of police and intelligence workers must also change; in some ways, it will be harder, in others, easier. But the basic need for security supports the call for wide use of strong encryption – and without modifications that make it easy for Russians, or others, to break in.

  • EncryptionUnbreakable encrypted messages

    Researchers recently announced a landmark advancement: They used a satellite orbiting Earth to beam pairs of quantum-entangled photons to two Tibetan mountaintops more than 700 miles apart. This distance blew the previous record out of the water. The researchers say this is only the beginning for quantum communication.

  • EncryptionA first: High-dimensional quantum encryption demonstrated

    For the first time, researchers have sent a quantum-secured message containing more than one bit of information per photon through the air above a city. The demonstration showed that it could one day be practical to use high-capacity, free-space quantum communication to create a highly secure link between ground-based networks and satellites, a requirement for creating a global quantum encryption network.

  • EncryptionPopular messaging apps: Encrypting is easy but authenticating is hard

    Most users of popular messaging apps Facebook Messenger, What’sApp and Viber are leaving themselves exposed to fraud or other hacking because they don’t know about or aren’t using important security options. Even though What’sApp and Viber encrypt messages by default, all three messaging apps also require what’s called an authentication ceremony to ensure true security — but because most users are unaware of the ceremony and its importance.

  • Encryption & terrorismEncrypted app allows extremists to plot attacks without detection

    A new report details how extremists and terrorists like ISIS, al-Qaeda, and Hamas are increasingly relying on encrypted applications like Telegram to recruit new members, fundraise, incite to violence, and even coordinate terrorist activity without detection from law enforcement. Telegram’s public-facing “channels” and private messaging “chats” make it a useful weapon for extremist groups.

  • EncryptionQuantum computer will protect your secrets – even over the internet

    Researchers suggest you could operate a quantum computer in the cloud without revealing your data or the program you’re running. The technique could hide both your data and program from the computer itself. Their work counters earlier hints that such a feat is impossible.

  • EncryptionSpace quantum communication using a microsatellite demonstrated

    A big step toward building a truly-secure global communication network: the world’s smallest and lightest quantum-communication transmitter has now been developed. Researchers report they have succeeded in the demonstration of the first quantum- communication experiment from space, receiving information from the satellite in a single-photon regime in an optical ground station in Koganei city. This is a major step toward building a global long-haul and truly-secure satellite communication network.

  • EncryptionEncryption system hides your travel data from Uber

    The apps created by Uber and its competitors put peers in touch with each other when one of them is looking for a ride. But the online platforms these companies have developed also collect users’ personal data – from passengers and drivers alike. Multiplied by millions of users each day, that comes out to be a goldmine of information, especially in the era of Big Data. Researchers looked at how the same level of service could be achieved without disclosing users’ personal data.

  • EncryptionRandom numbers will make life difficult for hackers

    Whenever we need to communicate in secret, a cryptographic key is needed. For this key to work, it must consist of numbers chosen at random without any structure – just the opposite of using the birthdate of our favorite pet. But, for a human, it is extremely difficult to choose without creating any bias, even by hitting the keyboard chaotically. To solve this problem, researchers have developed a new random numbers generator based on the principles of quantum physics.

  • CybersecurityBypassing encryption: “Lawful hacking” is the next frontier of law enforcement technology

    By Ben Buchanan

    The discussion about how law enforcement or government intelligence agencies might rapidly decode information someone else wants to keep secret is – or should be – shifting. One commonly proposed approach, introducing what is called a “backdoor” to the encryption algorithm itself, is now widely recognized as too risky to be worth pursuing any further. The scholarly and research community, the technology industry and Congress appear to be in agreement that weakening the encryption that in part enables information security – even if done in the name of public safety or national security – is a bad idea. Backdoors could be catastrophic, jeopardizing the security of billions of devices and critical communications. A lawful hacking approach offers a solution that appears to gain greater favor with experts than encryption backdoors. A group of scholars proposed some ways we should begin thinking about how law enforcement could hack. Agencies are already doing it, so it’s time to turn from the now-ended debate about encryption backdoors and engage in this new discussion instead.

  • CybersecurityCyber Security R&D Showcase coming in July

    The 2017 Cyber Security R&D Showcase and Technical Workshop is scheduled for 11-13 July at Washington, D.C.’s Mayflower Hotel. In all, fifteen research areas will be featured: mobile security, cyber-physical system security, software assurance, data privacy, identity management, distributed denial of service defense, next generation cyber infrastructure, technology transition, cyber risk economics, cybersecurity research infrastructure, modeling of internet attacks, support for law enforcement, moving-target defense, cloud security and insider threats. During the conference, attendees can choose from more than 115 technical presentations representing a combined $250 million of federally funded R&D.

  • The Russian connectionRussia’s used “active measures” in 2016 U.S. election, and will do more in future, experts tell lawmakers

    The Senate Select Committee on Intelligence on Wednesday launched its investigation into Russian interference in the 2016 U.S. election. Expert witnesses told the senators that decades of Russian covert attempts to undermine confidence in Western institutions will only accelerate in the future unless the United States confronts Russia’s “active measures.” Since 2009, Russia has built a vast information warfare infrastructure, which now involves at least 15,000 operatives worldwide writing and spreading false news stories and conspiracy theories online. Russia created fake social media accounts by mimicking profiles of voters in key election states and precincts in the 2016 election, and used a mix of bots and real people to push propaganda from state-controlled media outlets like Russia Today (RT) and Sputnik. The FSB and the GRU, the two Russian intelligence agencies, created nearly 1,200 websites (“trolls”) which disseminated the fake news to help the Trump campaign. One experts told the senators that the material published by Wikileaks and Guccifer 2.0 “is probably under 1 percent of what we’d attribute to the Russian government stealing,” and that Russia will use the rest of the material to try and blackmail American politicians in the future.

  • EncryptionEncryption requirements to change P25 CAP approved equipment list

    On Monday announced a change in the Project 25 Compliance Assessment Program (P25 CAP) listing of grant-eligible radio equipment for first responders. In order to be fully compliant with all P25 CAP requirements, radio equipment that requires encryption must use Advanced Encryption Standard (AES) 256. Equipment that uses proprietary or other non-standard encryption capabilities without also providing the standard encryption (AES 256) capability does not meet the requirement specified in the Project 25 Compliance Assessment Program Encryption Requirements Compliance Assessment Bulletin (CAB).

  • EncryptionHow WhatsApp encryption works – and why there shouldn’t be a backdoor

    By Antonis Michalas

    A battle between national security and privacy is brewing. Governments and secret services are asking encrypted messaging services such as WhatsApp to allow them access to users’ data, arguing that access to messages will allow authorities to thwart future terror attacks. Ultimately, though, if someone thinks that removing WhatsApp encryption would be the solution to the problem of terrorism or crime, then they don’t understand the actual problem. Even if you were to remove the end-to-end encryption from WhatsApp, criminals could create their own, similar, software that would allow them to communicate securely, while ordinary users would lose the ability to send genuinely private messages.