Open source security software also helps criminals. For example TrueCrypt being free and easy to modify has lowered entry barriers for establishing criminal and cyber-espionnage operations (the same applies, well to Bitcoin software!). Example: Operation Potato Express. A fully functional clone of TrueCrypt was since at least 2011 distributed from Russian web sites such as …
Researchers at UCL and in the US claim that the current systems for e-government citizen/user authentication (for example when dealing with taxes or public services), are deeply FLAWED. The main issue raised is that the current systems which are under roll-out in the UK and the US are very poorly engineered with respect to central server/hub …
Continue reading ‘Should One Be Able to Undetectably Impersonate Citizens?’ »
I was a panellist at 2 Day Event in London, Mon-Tue 15-16 JUNE, Millennium Hotel, Mayfair, London, cf. here. My favourite talk was a talk by Aral Balkan about the 85, human-enslaving ideology emanating from Silicon Valley, design vs. decoration, the institutional corruption, human rights, democracy, and how can we cope to regain some of our lost …
An unprecedented milestone result in cryptography was achieved by researchers at University of Birmingham. They have build a TIME release encryption system based on the bitcoin network. In their protocol it is possible to release a certain document in the future in such a way that it CANNOT be read earlier. The new protocol relies on …
The White House has appointed a well known crypto currency expert Ed Felten from Princeton University Computer Science department. This is a good sign, this means that an informed scientific debate, intellectual honesty and common sense have a chance to survive in the crypto currency world. I have started to doubt about it. Felten has many …
New paper in a series of how to solve Elliptic Curve Discrete Log Problem (ECDLP) in characteristic 2 with sub-exponential complexity. More results on this topic are expected. Remark: it seems to me that the main assumption about degree falls and solvability which is at the heart of this paper, is simply entirely wrong. Recent developments: …
The final report can be found here. The report identifies 4 major vulnerabilities, 2 of them are judged of high severity and are as follows: The most commonly used windows versions of TrueCrypt were found to have a specific problem with calling the function CryptAcquireContext which is used in Truecrypt exclusively for the purpose of …
Recent revelations report how NSA and GCHQ have illegally obtained billions of encryption keys for cellular networks. In particular keys have been stolen from Gemalto through implants and by intercepting emails. The market cap of Gemalto have suffered a serious drop. Gemalto denies that cryptographic keys could have been stolen. If so, this was many years ago …
Continue reading ‘Billions of SIM Card Cryptographic Keys Compromised?’ »
Another theft in a series: nearly 2 millions of dollars are missing from the BTER exchange. A specific transaction created by the thief can be found here. The theft took place on 14 Feb 2015. [added later] Another theft of some 250,000 USD has occurred at another Chinese exchange on 27 Jan 2015. Here some Internet posts …
Bruce Schneier has discovered that machines could break the law and this will break our legal system which will be totally unable to stop the crime from happening. Many years ago when teaching computer security at UCL, I made another prediction: A Turing machine could be made illegal in the future. The modern version of this …
Continue reading ‘On Machines and Algorithms Breaking The Law’ »