Crypto History Conference
A very nice event with talks from leading European experts in crypto history will take place in Kassel, Germany on Thursday 5 May 2016. Enigma picture (c) source.
Archive of posts filed under the Cybersecurity category.
RNG – Do Not Stop Worrying About Linux urandom
I have spend a few recent days at 2015 CCC congress in Hamburg. CCC is the biggest security conference in Europe with 12,000 participants, and potentially more [tickets were sold out]. Most talks I have attended were really good! 90% are really excellent. CCC is IMHO also the best security conference in Europe. A place like …
Continue reading ‘RNG – Do Not Stop Worrying About Linux urandom’ »
Super Fast Elliptic Curve Cryptography
Microsoft have released a new free ECC library which is up to 5x faster than with the traditional elliptic curve P-256 (which was so far the most commonly used curve in practical applications) and a also up to 3x faster than a well-known alternative Curve25519. Bitcoin elliptic curve belongs to the category “special therefore suspicious” and have been …
Stop Using Passwords, Now!
Edward Lucas wrote a nice piece on how businesses can dramatically improve their cyber-security. He says that: “Well-run organisations will stop using passwords and logins in 2016. Instead they will use identifiers that are harder to copy, fake, steal or guess […] Security questions will stop being […] “mother’s maiden name”. Instead they will ask …
How Islamic State Terrorists Encrypt Their Messages
According to BBC and many other sources, islamic state terrorists use a messaging app called Telegram to encrypt communications for groups of users. On the surface, Telegram developers seem to support high security standards: they have published the spec and API and funded in November 2014 a handsome 300,000 USD cash prize for cracking …
Continue reading ‘How Islamic State Terrorists Encrypt Their Messages’ »
Speed Matters
Some work done at UCL regarding bitcoin and speed: HOW to crack bitcoin passwords at a very high speed: brainflayer cracker where we read that: “The bulk of Brainflayer was written by Ryan Castellucci. Nicolas Courtois and Guangyan Song contributed the code in ec_pubkey_fast.c which more than doubles the speed of public key computations compared with …
Criminals Exploit Lack Of Knowledge of How Bitcoin Works
A so called Bitcoin Generator Tool v.2.9 have been released today (Sat 3 Oct 2015) and already 260 downloads within a few hours! It is a ZIP file which claims that it performs full access on the Bitcoin central SQL database and allows one to add bitcoins to his account. Needless to say there is no such …
Continue reading ‘Criminals Exploit Lack Of Knowledge of How Bitcoin Works’ »
NSA Plans To Retire Current Cryptography Standards
Breaking news: the cryptography that we all know and use, such AES-128, SHA-1 and SHA-256, RSA/DH, and the most commonly used elliptic curve P-256 (a.k.a. secp256r1) are NO LONGER wholeheartedly supported by the NSA. In fact most of these, if not all, are not quite recommended anymore. Until now and for the last 10+ years the NSA and the …
Continue reading ‘NSA Plans To Retire Current Cryptography Standards’ »
Is Bitcoin Going to Split in Two?
Two prominent bitcoin gurus Gavin Andresen and Mike Hearn decided to release their own software distribution of bitcoin and ALTER the specification of bitcoin! There will be a possibility to mine blocks with a new version number and new rules. This is meant to make bitcoin more democratic: larger blocks, more transactions per second, lower fees, wider …
On InfoSec Apathy
An interesting paper on the state of InfoSec apathy in which we have lived for too long now. Some citations: “[…]stop buying from vendors who don’t have a strong public – and practical – commitment to security”. “We need to show that we will use our wallets with …