• Better safeguards for sensitive information

    Despite being the most advanced quantum technology, secure encryption of information units based on a method called quantum key distribution (QKD) is currently limited by the channel’s capacity to send or share secret bits. Researchers show how to better approach the secret key capacity by improving the channel’s lower boundary.

  • New computing architectures to deliver verifiable data assurances

    Whether a piece of information is private, proprietary, or sensitive to national security, systems owners and users have little guarantees about where their information resides or of its movements between systems. As is the case with consumers, the national defense and security communities similarly have only few options when it comes to ensuring that sensitive information is appropriately isolated, particularly when it’s loaded to an internet-connected system. A new program seeks to create new software and hardware architectures that provide physically provable assurances around data security and privacy.

  • Achieving better security with randomly generating biological encryption keys

    Data breaches, hacked systems and hostage malware are frequently topics of evening news casts — including stories of department store, hospital, government and bank data leaking into unsavory hands — but now a team of engineers has an encryption key approach that is unclonable and not reverse-engineerable, protecting information even as computers become faster and nimbler.

  • From encrypting the web to encrypting the net: 2018 year in review

    We saw 2017 tip the scales for HTTPS. In 2018, web encryption continues to improve. The focus has begun to shift toward email security, and the security community is shifting its focus toward further hardening TLS, the protocol that drives encryption on the Internet.

  • New cryptography must be developed and deployed now, even if quantum threats are a decade away

    Given the current state of quantum computing and the significant challenges that still need to be overcome, it is highly unlikely that a quantum computer that can compromise public-key cryptography – a basis for the security of most of today’s computers and networks – will be built within the next decade, says a new report by the National Academies of Sciences. However, because replacing an established internet protocol generally takes over a decade, work to develop and deploy algorithms that are resilient against an attack by a quantum computer is critical now.

  • Revolutionizing cybersecurity through quantum research

    Scientists have found a novel way to safeguard quantum information during transmission, opening the door for more secure and reliable communication for warfighters on the battlefield. Recent advancements of cutting-edge technologies in lasers and nanophysics, quantum optics and photonics have given researchers the necessary tools to control and manipulate miniature quantum systems, such as individual atoms or photons - the smallest particles of light.

  • Unhackable communication: Single particles of light could bring the “quantum internet”

    Hacker attacks on everything from social media accounts to government files could be largely prevented by the advent of quantum communication, which would use particles of light called “photons” to secure information rather than a crackable code. The problem is that quantum communication is currently limited by how much information single photons can help send securely, called a “secret bit rate.” Researchers created a new technique that would increase the secret bit rate 100-fold, to over 35 million photons per second.

  • Open-source hardware could defend against the next generation of hacking

    Imagine you had a secret document you had to store away from prying eyes. And you have a choice: You could buy a safe made by a company that kept the workings of its locks secret. Or you could buy a safe whose manufacturer openly published the designs, letting everyone – including thieves – see how they’re made. Which would you choose? It might seem unexpected, but as an engineering professor, I’d pick the second option.

  • Economic benefit of NIST’s encryption standard at least $250 billion

    NIST has released a study that estimates a $250 billion economic impact from the development of its Advanced Encryption Standard (AES) over the past twenty years. AES is a cryptographic algorithm used to encrypt and decrypt electronic information. It was approved for use by the federal government in November 2001 and has since been widely adopted by private industry. Today, AES protects everything from classified data and bank transactions to online shopping and social media apps.

  • Why and how people forget passwords

    Do you frequently forget passwords to a baffling array of accounts and websites? Much depends on a password’s importance and how often you use it, according researchers. Their study could spur improved password technology and use.

  • Qrypt licenses ORNL’s quantum random number generator to bolster encryption methods

    Qrypt, Inc. has licensed a novel cyber security technology from ORNL, promising a stronger defense against cyberattacks including those posed by quantum computing. Qrypt will incorporate ORNL’s quantum random number generator, or QRNG, into the company’s existing encryption platform, using inherent quantum randomness to create unique and unpredictable encryption keys enabling virtually impenetrable communications.

  • Closing security hole in popular encryption software

    Cybersecurity researchers have helped close a security vulnerability that could have allowed hackers to steal encryption keys from a popular security package by briefly listening in on unintended “side channel” signals from smartphones.

  • Making phrase-based passwords more user friendly for better online security

    Although passphrases, or phrase-based passwords, have been found to be more secure than traditional passwords, human factors issues such as typographical errors and memorability have slowed their wider adoption. Researchers have developed and tested two new passphrase systems that seek to address these shortcomings and improve the usability and security of existing passphrase authentication systems.

  • Quantum encryption to protect communications from hackers

    Securing highly sensitive information, such as hospital records and bank details, is a major challenge faced by companies and organization throughout the world. Researchers have shown that a new quantum-based procedure for distributing secure information along communication lines could be successful in preventing serious security breaches.

  • The ENCRYPT Act protects encryption from U.S. state prying

    It’s not just the DOJ and the FBI that want to compromise your right to private communications and secure devices—some state lawmakers want to weaken encryption, too. In recent years, a couple of state legislatures introduced bills to restrict or outright ban encryption on smartphones and other devices. Fortunately, several Congress members recently introduced their own bill to stop this dangerous trend before it goes any further.