• Don’t Rush Quantum-Proof Encryption, Warns NSA Research Director

    In 1994, Peter Shor, a mathematician, discovered a way to crack the codes that banks, e-commerce platforms, and intelligence agencies use to secure their digital information. “Shor’s algorithm” drastically shortened the time it took to find the prime numbers that underlie public-key cryptography, making codes that typically take thousands of years to break solvable in a matter of months. Jack Corrigan writes that there was a catch: Shor’s algorithm could run only on quantum computers, and they did not exist twenty-five years ago. They are much closer today, and this has many security experts worried.

  • Why Adding Client-Side Scanning Breaks End-To-End Encryption

    Recent attacks on encryption have diverged. On the one hand, we’ve seen Attorney General William Barr call for “lawful access” to encrypted communications, using arguments that have barely changed since the 1990’s. Erica Portnoy writes that we’ve also seen suggestions from a different set of actors for more purportedly “reasonable” interventions, particularly the use of client-side scanning to stop the transmission of contraband files, most often child exploitation imagery (CEI).

  • Rethinking Encryption

    In the face of congressional inaction, and in light of the magnitude of the threat, it is time for governmental authorities—including law enforcement—to embrace encryption because it is one of the few mechanisms that the United States and its allies can use to more effectively protect themselves from existential cybersecurity threats, particularly from China. This is true even though encryption will impose costs on society, especially victims of other types of crime.

  • Will Canada Weaken Encryption with Backdoors?

    Imagine you wake up one morning and discover that the federal government is requiring everyone to keep their back doors unlocked. First responders need access your house in an emergency, they say, and locked doors are a significant barrier to urgent care. For the good of the nation, public health concerns outweigh the risk to your privacy and security. Sounds crazy, right? Byron Holland writes that, unfortunately, a number of governments are considering a policy just like this for the internet, and there’s growing concern that the Canadian government could soon follow suit.

  • Cryptography without Using Secret Keys

    Most security applications, for instance access to buildings or digital signatures, use cryptographic keys that must at all costs be kept secret. That also is the weak link: who will guarantee that the key doesn’t get stolen or hacked? Researchers, using a physical unclonable key (PUK) and the quantum properties of light, researchers present a new type of data security that does away with secret keys.

  • U.S., U.K. and Australia to Call on Facebook to Create Backdoor to Encrypted Messages

    The United States, United Kingdom, and Australia will pressure Facebook to create a backdoor into its encrypted messaging apps which would allow governments to access the content of private communications, according to an open letter from top government officials to Mark Zuckerberg. The letter is expected to be released Friday. Law enforcement agencies have long argues that encrypted communications, while protecting privacy, also shields criminals and terrorists, making investigations of crimes and acts of terror much more difficult.

  • Child Exploitation and the Future of Encryption

    On Sept. 28, the New York Times published a harrowing, in-depth investigative story on the prevalence of child pornography on the internet. The piece describes a staggering increase in the number of reports flagging child sexual abuse imagery online from an already-high one million in 2014 to an almost unfathomable 18.4 million in 2018—an increase of almost 1,750 percent in just four years. a full 12 million came from just one service, Facebook Messenger. But this vital stream of evidence may soon come to an end. The Times notes that, as part of a controversial effort to become more “privacy-focused.”

  • How Long Will Unbreakable Commercial Encryption Last?

    Most people who follow the debate over unbreakable, end-to-end encryption think that it’s more or less over, and that unbreakable commercial encryption is here to stay. But. this complacent view is almost certainly wrong. Enthusiasm for controlling encryption is growing among governments all around the world and by no means only in authoritarian regimes. Even Western democracies — not only authoritarian regimes — are giving their security agencies authorities that nibble away at the inviolability of commercial encryption. “While the debate over encryption has stalled in the United States, it’s been growing fiercer abroad as other nations edge closer to direct regulation of commercial encryption,” Stewart Baker writes.

  • Why the Ghost Keys ‘Solution’ to Encryption is No Solution

    The use of applications such as Signal, WhatsApp, iMessage, and Facebook Messenger for communications secured by end-to-end encryption has exploded over the past few years. Today, regular users of these and similar services number in the billions around the world. The U.S. Justice Department and the FBI have claimed repeatedly that the extensive use of such services hampers their ability to conduct investigations, because they cannot access encrypted communications. Officials in other countries have put forward a proposal they say would provide the needed access. But due to the fundamentals of public key encryption, this regime would end up raising most of the same concerns as other encryption back-door proposals floated in recent years.

  • Four Ways Blockchain Could Make the Internet Safer, Fairer, and More Creative

    The internet is unique in that it has no central control, administration or authority, but in recent years internet services such as search engines and social media platforms have increasingly been provided by a small number of very large tech firms. The internet is slowly turning into something like the current financial system, which centrally monitors all transactions and uses that data to predict what people will buy in future. Bitcoin, which surfaced on the internet in 2008, sought to break the influence that large, private bodies have over what we do online. The researchers had finally solved one of the biggest concerns with digital currencies – that they need central control by the companies that operate them, in the same way traditional currencies are controlled by a bank. People researching Bitcoin – and blockchains which undergird it — may have overlooked one of its most useful applications – making the internet better for everyone who uses it.

  • Quantum – a double-edged sword for cryptography

    Quantum computers pose a big threat to the security of modern communications, deciphering cryptographic codes that would take regular computers forever to crack. But drawing on the properties of quantum behavior could also provide a route to truly secure cryptography.

  • IS’s English-speaking fighters use Telegram to reinforce faith in the caliphate

    English-speaking Islamic State supporters are refusing to give up on the terror group’s ability to remain a force in Syria and Iraq. Even as the terror group was losing ground in Syria and Iraq to U.S.-backed forces, and even as IS leadership was encouraging followers to start looking to progress in IS provinces elsewhere, English-speaking supporters turned to Telegram to reinforce their faith in the caliphate.

  • More than security: Passwords serve a personal purpose

    A study has shown that people build their passwords from personal information for a variety of reasons including to invoke important memories or achieve future goals. The study found around half of the respondents infused their passwords with autobiographical memories.

  • Secure information exchange: Quantum communication over fiber-optic networks

    Searching for better security during data transmission, governments and other organizations around the world have been investing in and developing technologies related to quantum communication and related encryption methods. Researchers are looking at how these new systems—which, in theory, would provide unhackable communication channels—can be integrated into existing and future fiber-optic networks.

  • Quantifying how much quantum information can be eavesdropped

    The most basic type of quantum information processing is quantum entanglement. In a new study, researchers have provided a much finer characterization of the distributions of entanglement in multi-qubit systems than previously available. These findings can be used in quantum cryptography to estimate the quantity of information an eavesdropper can capture regarding the secret encryption key.