Enigma cipher machines are rare collector items which are worth a small fortune. It is estimated that at least 50,000 Enigma machines have been manufactured during the WW2. Some Enigma machines are more exceptional than other, as there are much fewer of them left. When Polish code breakers went to France after Poland was overrun by …
Continue reading ‘Two Particularly Rare Enigma Machines Made in France’ »
I have spend a few recent days at 2015 CCC congress in Hamburg. CCC is the biggest security conference in Europe with 12,000 participants, and potentially more [tickets were sold out]. Most talks I have attended were really good! 90% are really excellent. CCC is IMHO also the best security conference in Europe. A place like …
Continue reading ‘RNG – Do Not Stop Worrying About Linux urandom’ »
Microsoft have released a new free ECC library which is up to 5x faster than with the traditional elliptic curve P-256 (which was so far the most commonly used curve in practical applications) and a also up to 3x faster than a well-known alternative Curve25519. Bitcoin elliptic curve belongs to the category “special therefore suspicious” and have been …
According to BBC and many other sources, islamic state terrorists use a messaging app called Telegram to encrypt communications for groups of users. On the surface, Telegram developers seem to support high security standards: they have published the spec and API and funded in November 2014 a handsome 300,000 USD cash prize for cracking …
Continue reading ‘How Islamic State Terrorists Encrypt Their Messages’ »
Some work done at UCL regarding bitcoin and speed: HOW to crack bitcoin passwords at a very high speed: brainflayer cracker where we read that: “The bulk of Brainflayer was written by Ryan Castellucci. Nicolas Courtois and Guangyan Song contributed the code in ec_pubkey_fast.c which more than doubles the speed of public key computations compared with …
A so called Bitcoin Generator Tool v.2.9 have been released today (Sat 3 Oct 2015) and already 260 downloads within a few hours! It is a ZIP file which claims that it performs full access on the Bitcoin central SQL database and allows one to add bitcoins to his account. Needless to say there is no such …
Continue reading ‘Criminals Exploit Lack Of Knowledge of How Bitcoin Works’ »
Breaking news: the cryptography that we all know and use, such AES-128, SHA-1 and SHA-256, RSA/DH, and the most commonly used elliptic curve P-256 (a.k.a. secp256r1) are NO LONGER wholeheartedly supported by the NSA. In fact most of these, if not all, are not quite recommended anymore. Until now and for the last 10+ years the NSA and the …
Continue reading ‘NSA Plans To Retire Current Cryptography Standards’ »
20 million dollars have just been invested in BitFury (July 2015), totaling 60 million which this company has raised (source: coindesk). There was nothing like this for at least 5 months. On Mining Profitability I find it very surprising that people invest in bitcoin mining. Why? My [private] conjecture is as follows: mining …
Open source security software also helps criminals. For example TrueCrypt being free and easy to modify has lowered entry barriers for establishing criminal and cyber-espionnage operations (the same applies, well to Bitcoin software!). Example: Operation Potato Express. A fully functional clone of TrueCrypt was since at least 2011 distributed from Russian web sites such as …
Researchers at UCL and in the US claim that the current systems for e-government citizen/user authentication (for example when dealing with taxes or public services), are deeply FLAWED. The main issue raised is that the current systems which are under roll-out in the UK and the US are very poorly engineered with respect to central server/hub …
Continue reading ‘Should One Be Able to Undetectably Impersonate Citizens?’ »