• Proof of randomness for stronger future digital security

    Nearly all secure online traffic — from shopping to banking to communications — relies on a technique of randomly generating a number that serves as a key to unlock encrypted communication. The problem is that small programming errors can make these systems vulnerable, and those vulnerabilities can often be very difficult to detect. In an effort to block emerging threats to online security, researchers have developed a method to verify the strength of random number generators that form the basis of most encryption systems.

  • Nanomaterials’ cryptographic potential may be ultimate defense against hackers

    The next generation of electronic hardware security may be at hand as researchers introduce a new class of unclonable cybersecurity security primitives made of a low-cost nanomaterial with the highest possible level of structural randomness. Randomness is highly desirable for constructing the security primitives that encrypt and thereby secure computer hardware and data physically, rather than by programming.

  • High-speed quantum encryption may secure the future internet

    Recent advances in quantum computers may soon give hackers access to machines powerful enough to crack even the toughest of standard internet security codes. With these codes broken, all of our online data—from medical records to bank transactions—could be vulnerable to attack. To fight back against the future threat, researchers are wielding the same strange properties that drive quantum computers to create theoretically hack-proof forms of quantum data encryption.

  • The real risks quantum attacks will pose for Bitcoin

    Combining expertise in quantum technologies and cryptography, researchers have been projecting future dates that quantum computers could jeopardize the security of current cryptocurrencies, a market now worth over $150 billion, and assessing countermeasures to such attacks.

  • Real security requires strong encryption – even if investigators get blocked

    The FBI and the U.S. Department of Justice have been fighting against easy, widespread public access to encryption technologies for 25 years. Since the bureau’s dispute with Apple in 2016 over access to the encrypted iPhone of one of the two people who shot 14 victims in San Bernardino, California, this battle has become more pitched. This dispute is not about whether regular people can or should use encryption: The U.S. government is in favor of using encryption to secure data. Rather, it’s about the FBI’s demand that encryption systems include “exceptional access,” enabling police who get a warrant to circumvent the encryption on a device or on an encrypted call. The demand for exceptional access by law enforcement is a broad threat to fundamental parts of American society, and it poses a serious danger to national security as well as individual privacy. As technology changes, the jobs of police and intelligence workers must also change; in some ways, it will be harder, in others, easier. But the basic need for security supports the call for wide use of strong encryption – and without modifications that make it easy for Russians, or others, to break in.

  • Unbreakable encrypted messages

    Researchers recently announced a landmark advancement: They used a satellite orbiting Earth to beam pairs of quantum-entangled photons to two Tibetan mountaintops more than 700 miles apart. This distance blew the previous record out of the water. The researchers say this is only the beginning for quantum communication.

  • A first: High-dimensional quantum encryption demonstrated

    For the first time, researchers have sent a quantum-secured message containing more than one bit of information per photon through the air above a city. The demonstration showed that it could one day be practical to use high-capacity, free-space quantum communication to create a highly secure link between ground-based networks and satellites, a requirement for creating a global quantum encryption network.

  • Popular messaging apps: Encrypting is easy but authenticating is hard

    Most users of popular messaging apps Facebook Messenger, What’sApp and Viber are leaving themselves exposed to fraud or other hacking because they don’t know about or aren’t using important security options. Even though What’sApp and Viber encrypt messages by default, all three messaging apps also require what’s called an authentication ceremony to ensure true security — but because most users are unaware of the ceremony and its importance.

  • Encrypted app allows extremists to plot attacks without detection

    A new report details how extremists and terrorists like ISIS, al-Qaeda, and Hamas are increasingly relying on encrypted applications like Telegram to recruit new members, fundraise, incite to violence, and even coordinate terrorist activity without detection from law enforcement. Telegram’s public-facing “channels” and private messaging “chats” make it a useful weapon for extremist groups.

  • Quantum computer will protect your secrets – even over the internet

    Researchers suggest you could operate a quantum computer in the cloud without revealing your data or the program you’re running. The technique could hide both your data and program from the computer itself. Their work counters earlier hints that such a feat is impossible.

  • Space quantum communication using a microsatellite demonstrated

    A big step toward building a truly-secure global communication network: the world’s smallest and lightest quantum-communication transmitter has now been developed. Researchers report they have succeeded in the demonstration of the first quantum- communication experiment from space, receiving information from the satellite in a single-photon regime in an optical ground station in Koganei city. This is a major step toward building a global long-haul and truly-secure satellite communication network.

  • Encryption system hides your travel data from Uber

    The apps created by Uber and its competitors put peers in touch with each other when one of them is looking for a ride. But the online platforms these companies have developed also collect users’ personal data – from passengers and drivers alike. Multiplied by millions of users each day, that comes out to be a goldmine of information, especially in the era of Big Data. Researchers looked at how the same level of service could be achieved without disclosing users’ personal data.

  • Random numbers will make life difficult for hackers

    Whenever we need to communicate in secret, a cryptographic key is needed. For this key to work, it must consist of numbers chosen at random without any structure – just the opposite of using the birthdate of our favorite pet. But, for a human, it is extremely difficult to choose without creating any bias, even by hitting the keyboard chaotically. To solve this problem, researchers have developed a new random numbers generator based on the principles of quantum physics.

  • Bypassing encryption: “Lawful hacking” is the next frontier of law enforcement technology

    The discussion about how law enforcement or government intelligence agencies might rapidly decode information someone else wants to keep secret is – or should be – shifting. One commonly proposed approach, introducing what is called a “backdoor” to the encryption algorithm itself, is now widely recognized as too risky to be worth pursuing any further. The scholarly and research community, the technology industry and Congress appear to be in agreement that weakening the encryption that in part enables information security – even if done in the name of public safety or national security – is a bad idea. Backdoors could be catastrophic, jeopardizing the security of billions of devices and critical communications. A lawful hacking approach offers a solution that appears to gain greater favor with experts than encryption backdoors. A group of scholars proposed some ways we should begin thinking about how law enforcement could hack. Agencies are already doing it, so it’s time to turn from the now-ended debate about encryption backdoors and engage in this new discussion instead.

  • Cyber Security R&D Showcase coming in July

    The 2017 Cyber Security R&D Showcase and Technical Workshop is scheduled for 11-13 July at Washington, D.C.’s Mayflower Hotel. In all, fifteen research areas will be featured: mobile security, cyber-physical system security, software assurance, data privacy, identity management, distributed denial of service defense, next generation cyber infrastructure, technology transition, cyber risk economics, cybersecurity research infrastructure, modeling of internet attacks, support for law enforcement, moving-target defense, cloud security and insider threats. During the conference, attendees can choose from more than 115 technical presentations representing a combined $250 million of federally funded R&D.