Collaborate Disseminate
This one is from the Netherlands. It seems to be clever cryptanalysis rather than a backdoor. The Dutch intelligence service has been able to read encrypted communications from dozens of countries since the late 1970s thanks to a microchip, according t… Continue reading Another Story of Bad 1970s Encryption
This one is from the Netherlands. It seems to be clever cryptanalysis rather than a backdoor. The Dutch intelligence service has been able to read encrypted communications from dozens of countries since the late 1970s thanks to a microchip, according to research by de Volkskrant on Thursday. The Netherlands could eavesdrop on confidential communication from countries such as Iran, Egypt… Continue reading Another Story of Bad 1970s Encryption
In sensor nodes, there arises a need to store the master secret key safely. Which is the most perfect location to store the key when the sensor nodes (such as implanted body sensor node) are highly resource-constrained ones?
Continue reading Storage of secret key in resource-constrained sensor nodes
I am new to ChaCha20. From the RFC —
The inputs to ChaCha20 are:
o A 256-bit key, treated as a concatenation of eight 32-bit little-
endian integers.
o A 96-bit nonce, treated as a concatenation of three 32-bit little-
e… Continue reading Using Chacha20 with a NULL nonce
I’m trying to calculating the unicity distance for a cipher applied to a language I wrote and I’m having trouble understanding the concept of redundancy in a language.
From this book
The redundancy of a language severely reduces the … Continue reading How to calculate the redundancy of a language
Say I talk to a developer who is using some output of a Pseudo-random number generator in order to do some security task. I know based upon common knowledge that only Cryptographically Secure Pseudo Random Numbers should be used.
However,… Continue reading How can I validate that a PRNG’s output is insecure and predictable?
When using compression on openssh (a la ssh -C …), does this reduce entropy and make the tunnel traffic more vulnerable to cryptanalysis? Is compression an option I should disable server-side for this or any other reason?
I have a vagu… Continue reading Does it weaken the encryption of SSH to use compression?
This just in: We are pleased to announce the factorization of RSA-240, from RSA’s challenge list, and the computation of a discrete logarithm of the same size (795 bits): RSA-240 = 12462036678171878406583504460810659043482037465167880575481878888328 96… Continue reading RSA-240 Factored
This just in: We are pleased to announce the factorization of RSA-240, from RSA’s challenge list, and the computation of a discrete logarithm of the same size (795 bits): RSA-240 = 12462036678171878406583504460810659043482037465167880575481878888328 966680118821085503603957027250874750986476843845862105486553797025393057189121 768431828636284694840530161441643046806687569941524699318570418303051254959437 1372159029236099 = 509435952285839914555051023580843714132648382024111473186660296521821206469746 700620316443478873837606252372049619334517 * 244624208838318150567813139024002896653802092578931401452041221336558477095178 155258218897735030590669041302045908071447 […] The previous records were RSA-768 (768 bits) in December 2009 [2], and a 768-bit prime discrete logarithm in… Continue reading RSA-240 Factored
The NSA has released a security advisory warning of the dangers of TLS inspection: Transport Layer Security Inspection (TLSI), also known as TLS break and inspect, is a security process that allows enterprises to decrypt traffic, inspect the decrypted content for threats, and then re-encrypt the traffic before it enters or leaves the network. Introducing this capability into an enterprise… Continue reading The NSA Warns of TLS Inspection