
Symmetric Encryption Algorithms: Live Long & Encrypt – Hashed Out by The SSL Store

Much like tribbles in Star Trek, symmetric encryption is everywhere. We'll explore symmetric key algorithms and take you to places no non-IT person has gone before.

Symmetric encryption algorithms are the underlying processes that make secure communications possible. If you were to put it into Star Trek-related terms, symmetric algorithms are the warp drive for your starship's propulsion system. They're integral to information security and are what help your business move forward with data encryption securely and at faster-than-light speeds.

(Yes, I know, I'm really flying my nerd flag high today. While fascinating, symmetric key algorithms aren't exactly light or easy reading, so I've got to have some fun when writing. Damn it, Jim, I'm a cybersecurity writer, not a cryptographer.)

Make sure to refresh your coffee (or earl grey tea, if that's more your speed). We're about to take a deep dive into exploring what symmetric encryption algorithms are, why they're important, and what the most common symmetric encryption algorithm types are.

Make it so.

Let's hash it out.

Symmetric algorithms are the cryptographic functions that are central to symmetric key encryption. They're a set of instructions or steps that computers follow to perform specific tasks relating to encrypting and decrypting data.

Feel like you need a universal translator? Okay, let's break this down a bit more.

Symmetric encryption algorithms are used (combined with an encryption key) to do two main things:

Symmetric encryption algorithms use the same encryption key for both encryption and decryption. (Unlike asymmetric encryption algorithms, which use two different keys.)

Encryption algorithms, in general, are based in mathematics and can range from very simple to very complex processes depending on their design. In the case of symmetric encryption algorithms, they're paired with a single key to convert readable (plaintext) data into unintelligible gibberish (ciphertext). They then use the same key to decrypt the ciphertext back into plaintext. And all of this is done in a way that ensures data confidentiality and privacy. Pretty cool, huh?

Symmetric encryption algorithms are actually known by a few different names:

In general, the purpose or goal of encryption is to make it so that only someone with the key can decrypt and read the secret message. In case you need a quick reminder of how symmetric encryption works, here's a quick overview:

In this graphic above, moving from left to right, you'll see that you start with the plaintext, readable data. Once the symmetric encryption algorithm and key are applied to that data, it becomes unreadable ciphertext. The way to decrypt that message to decipher its meaning is to use a decryption key. In the case of symmetric encryption, the decryption key is identical to the key that was used to encrypt the data. Basically, you use the same key twice.

In a nutshell, a symmetric algorithm is a set of instructions in cryptography that uses one key to encrypt and decrypt data. These encryption algorithms and keys are lightweight in the sense that they're designed for speed in processing large blocks or streams of data. (This is why symmetric encryption algorithms are known as bulk ciphers.)

Asymmetric key algorithms and keys, on the other hand, are resource eaters. The keys are massive and are expensive to use at scale. What I mean is that they suck up a lot of your CPU processing resources and time, battery power, and bandwidth to execute.

Remember how we described symmetric algorithms as being a key component of your warp drive? Let's continue with that analogy. So, if you were to think about what asymmetric encryption algorithms are, they'd be like the equivalent of the thrusters in the propulsion system. Sure, they'll get you there eventually, but they're not suitable for rapid encryption at scale.

However, they're great for encrypting smaller batches of data in public channels. And asymmetric key exchanges (which we'll talk more about shortly) are a great way to distribute keys in those insecure public channels.

This is why people often turn to symmetric encryption for encoding large amounts of data.

As you'll soon discover, not all symmetric algorithms are created equally. They vary in terms of strength, but what exactly does strength mean in cryptography? The short answer is that cryptographic strength is all about how hard it is for a hacker to break the encryption to gain access to the data. The longer answer, of course, may vary depending on the type of algorithm you evaluate. But, in general, cryptographic strength typically boils down to a few key traits:

Symmetric encryption can be a bit of a balancing act because you need algorithms and keys that are computationally hard yet practical enough to use with acceptable performance.

While symmetric encryption algorithms might sound like the most logical tools for all types of online data encryption, it's not quite that simple. Much like the ever-logical Spock and the charismatic Captain Kirk, symmetric encryption also has weaknesses, especially when used on its own in public channels. These weaknesses come in the form of key distribution and key management issues:

When using symmetric encryption, ideally, you and the person you're communicating with sort out your secret key ahead of time (prior to using it for any data exchanges). This means that in order to share a symmetric key securely with someone, you'd need to meet up with them in person to give it to them. But what if you're across the country from the other party? Or, worse, what if you're on the other side of the world from them?

While this wouldn't be an issue in the Star Trek universe, where you could simply transport from one place to another within seconds, this isn't feasible in our 21st century transporterless world. Here, people are exchanging information with web servers worldwide every moment of every day. This means that people can't meet up ahead of time to hand out or receive keys. So, we have to rely on other means to securely exchange keys with other parties.

This is where asymmetric algorithms (or, more specifically, key exchange protocols) come into play. Asymmetric key exchanges make it possible to exchange symmetric keys in otherwise insecure public channels. What you may or may not realize is that you're actually using this combination of symmetric and asymmetric encryption techniques right now.

Let's consider your connection to our website as an example. See that padlock icon in your browser? It means you're connected to a secure website.

So, when you initially connected to, your browser had to perform a process with our server that's known as a TLS handshake. This handshake is a way for the server to prove to your browser that it's legitimate and isn't an imposter. (You know, 'cause cybercriminals love to pretend to be other people to trick people into connecting with them. They're kind of like Romulans in that way, always engaging in subterfuge.) The handshake process uses asymmetric encryption and asymmetric key exchange processes to do this.

Of course, there are a few versions of the handshake (TLS 1.0, TLS 1.2, TLS 1.3), and there are specific differences in how they work. (For example, the Internet Engineering Task Force [IETF] pushes for the strict use of forward-secrecy-only ciphers in TLS 1.3, but that's a topic for another time.) Just know that the TLS 1.2 handshake should be the minimum used. As of October 2020, Qualys SSL Labs reports that 99% of sites support the TLS 1.2 protocol and 39.8% support the TLS 1.3 protocol.

We won't get into the specifics of how the TLS handshake works here, but know that it involves the use of cipher suites. These groups of ciphers are what help to make it possible to establish a secure, HTTPS connection by determining which of each of the following to use:

You can read more about the process in this explainer blog on how the TLS handshake works. But for now, let's stay with the topic at hand of symmetric encryption algorithms.

During the symmetric encryption that takes place when you connect securely to a website, you're using a bulk cipher to make that happen. There are two subcategories of bulk ciphers: block ciphers and stream ciphers.

In this type of cipher, plaintext data breaks down into fixed-length groups of bits known as blocks (which are typically connected via a process known as chaining). Each block then gets encrypted as a unit, which makes this process a bit slow. And if there's not enough data to completely fill a block, padding (typically an agreed-upon number of 0s) is then used to ensure that the blocks meet the fixed-length requirements.

The ideal block cipher has a massive key length that isn't practical, so many modern ciphers have to scale back key sizes to make them usable. But just as a quick note: Unlike with asymmetric encryption, symmetric encryption key sizes don't determine the size of the data blocks.

The majority of modern symmetric encryption algorithms fall within the block cipher camp, and these types of ciphers have broader usage and application opportunities. So, we're mainly going to focus on them here. But if you're wondering what the most popular or common stream ciphers are, don't worry, we've got you covered.

This type of cipher encrypts plaintext data one bit at a time. As such, data gets processed in a stream rather than in chunks like in block ciphers. This makes the process less resource-intensive and faster to achieve.

Now, we're not going to get into all of the specifics of block ciphers and stream ciphers; that's a whole other topic for another time. Just be sure to keep an eye out in the coming weeks for a separate article that breaks down block ciphers and stream ciphers.

Okay, now this is where things start to get exciting (or more complicated, depending on your perspective). With shared key encryption, there are several well-known symmetric key algorithms to know. Let's break them all down to understand what they are and how they work.

For this section, we've put together a symmetric algorithm list that will help us navigate the most common symmetric ciphers. We'll start with one of the oldest and work our way up to the latest and greatest, meaning the algorithm that we typically use today for modern symmetric encryption.

First up on our list is the data encryption standard. DES, also known as DEA (short for data encryption algorithm), is one of the earliest symmetric encryption algorithms that's since been deprecated. It's based on the Feistel Cipher (much like many other varieties of block ciphers) and was actually deemed one of the first symmetric algorithms to be adopted as a Federal Information Processing Standard (FIPS) in 1976.

DES dates back to the early 1970s when its original form (Lucifer) was developed by IBM cryptographer Horst Feistel. IBM reports that the encryption method was originally created at the behest of Lloyds Bank of the United Kingdom. The National Bureau of Standards (now known as the National Institute of Standards, or NIST for short) ended up seeking proposals for a commercial application for encryption, and IBM submitted a variation of it. It was even desired for use by the National Security Agency (NSA) to protect their data.

This type of symmetric encryption maps inputs of a specific length to outputs of a specific length. As such, it operates on 64-bit blocks, meaning that it could encrypt data in groups of up to 64 blocks simultaneously, and has a key size of 56 bits. There are also 8 additional parity bits to the key, which serve as a way to check for data transmission errors. However, it's important to note that parity bits aren't something you'd ever use for encryption.

This size key is actually very small by today's standards, which makes it highly susceptible to brute force attacks. Also, the key and block lengths differ from the original Lucifer key and block lengths, both of which were reduced from 128 bits.

To learn more about how DES encryption and Feistel Networks work, check out this great video from Coursera and Stanford University.

The Data Encryption Standard (DES) document (FIPS PUB 46-3) was officially withdrawn on May 19, 2005, along with the documents FIPS 74 and FIPS 81. The National Institute of Standards and Technology's Secretary of Commerce published the following in the Federal Register:

These FIPS are withdrawn because FIPS 46-3, DES, no longer provides the security that is needed to protect Federal government information. FIPS 74 and 81 are associated standards that provide for the implementation and operation of the DES.

DES encryption was succeeded by triple data encryption algorithm (TDEA) for some applications, although not all. However, DES was primarily superseded as a recommendation by the advanced encryption standard, or what's known as AES encryption, in 2000. This is what we most commonly use today for symmetric encryption.

Now, let's explore those two other types of symmetric encryption algorithms.

The triple data encryption algorithm, which was created in the late 1990s, is a bit tricky as it actually goes by several abbreviations: TDEA, TDES, and 3DES. But as you can probably guess from its name, 3DES is based on the concept of DES but with a twist.

Unlike its predecessor, TDEA uses multiple separate keys to encrypt data: one variation of TDEA uses two keys and the other variation uses three keys (hence the "triple" in its name). The stronger of the two is the one that uses three keys.

Here's an illustration of how the three-key TDEA process works:

The use of multiple keys makes processing data slow and increases the computational overhead, which is why organizations often skipped over 3DES and moved straight on to using AES.
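
The Feistel structure that DES is built on and the encrypt-decrypt-encrypt chain of three-key TDEA can be seen end to end in the sketch below. It is an added example, not code from the original article: the block cipher is a toy Feistel network whose round function and key schedule (HMAC-SHA-256 and SHA-256) are assumptions chosen for illustration, so it is not DES and is not suitable for protecting data, and the keys and plaintext block are constructed.

```python
import hashlib
import hmac

BLOCK_BYTES = 8  # 64-bit block, the block size DES and TDEA use
ROUNDS = 16      # DES also runs 16 Feistel rounds


def _round_keys(key: bytes) -> list:
    """Toy key schedule (an assumption of this example, not the DES schedule)."""
    return [hashlib.sha256(key + bytes([i])).digest() for i in range(ROUNDS)]


def _f(half: bytes, round_key: bytes) -> bytes:
    """Keyed round function; a Feistel network never needs to invert it."""
    return hmac.new(round_key, half, hashlib.sha256).digest()[: BLOCK_BYTES // 2]


def _feistel(block: bytes, subkeys: list) -> bytes:
    if len(block) != BLOCK_BYTES:
        raise ValueError("block must be exactly 8 bytes")
    left, right = block[:4], block[4:]
    for k in subkeys:
        # New left is the old right; new right is old left XOR f(old right).
        left, right = right, bytes(a ^ b for a, b in zip(left, _f(right, k)))
    return right + left  # final swap, so decryption can reuse this function


def encrypt_block(key: bytes, block: bytes) -> bytes:
    return _feistel(block, _round_keys(key))


def decrypt_block(key: bytes, block: bytes) -> bytes:
    # Same network, sub-keys applied in reverse order.
    return _feistel(block, _round_keys(key)[::-1])


def tdea_encrypt(k1: bytes, k2: bytes, k3: bytes, block: bytes) -> bytes:
    """Encrypt with k1, decrypt with k2, encrypt with k3 (EDE)."""
    return encrypt_block(k3, decrypt_block(k2, encrypt_block(k1, block)))


def tdea_decrypt(k1: bytes, k2: bytes, k3: bytes, block: bytes) -> bytes:
    """Undo EDE: decrypt with k3, encrypt with k2, decrypt with k1."""
    return decrypt_block(k1, encrypt_block(k2, decrypt_block(k3, block)))


if __name__ == "__main__":
    # Constructed sample keys and one constructed 8-byte plaintext block.
    k1, k2, k3 = b"constructed-key-1", b"constructed-key-2", b"constructed-key-3"
    pt = b"8bytes!!"

    ct3 = tdea_encrypt(k1, k2, k3, pt)   # three-key variation
    ct2 = tdea_encrypt(k1, k2, k1, pt)   # two-key variation: k3 reuses k1
    ct1 = tdea_encrypt(k1, k1, k1, pt)   # all keys equal

    print("three-key:", ct3.hex(), "->", tdea_decrypt(k1, k2, k3, ct3))
    print("two-key:  ", ct2.hex(), "->", tdea_decrypt(k1, k2, k1, ct2))
    # With one key used three times the middle decryption cancels the first
    # encryption, leaving a single encryption and no added strength.
    print("collapses to single encryption:", ct1 == encrypt_block(k1, pt))
```

Every block passes through the cipher three times, which is the processing overhead the paragraph above refers to.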

TDEA operates using a decent 168-bit key size. However, like DES, 3DES also operates on small 64-bit blocks. Its small block size made it susceptible to the sweet32 vulnerability (CVE-2016-2183 and CVE-2016-6329), or what's known as the sweet32 birthday attack. This exploit takes advantage of a vulnerability that enables unintended parties to access portions of DES/TDEA-encrypted data.
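
Why the block size, rather than the 168-bit key, is the limiting factor can be worked out with the standard birthday approximation. The calculation below is an added example, not part of the original article; the function names are hypothetical, and it estimates only how much data can be encrypted under one key before two ciphertext blocks are likely to repeat, which is the figure used to set rekeying limits.

```python
import math


def collision_probability(block_bits: int, n_blocks: int) -> float:
    """Birthday approximation: P = 1 - exp(-n(n-1) / 2^(b+1))."""
    exponent = -n_blocks * (n_blocks - 1) / 2 ** (block_bits + 1)
    return -math.expm1(exponent)  # expm1 keeps precision when P is tiny


def blocks_for_probability(block_bits: int, p: float) -> int:
    """Number of blocks under one key at which a repeat has probability p."""
    if not 0.0 < p < 1.0:
        raise ValueError("p must be strictly between 0 and 1")
    return math.ceil(math.sqrt(2 ** (block_bits + 1) * -math.log1p(-p)))


def bytes_for_probability(block_bits: int, p: float) -> int:
    """The same limit expressed as a data volume in bytes."""
    return blocks_for_probability(block_bits, p) * block_bits // 8


def describe(block_bits: int) -> str:
    """One summary line: data volume for a 50% and a 2^-32 collision chance."""
    half = bytes_for_probability(block_bits, 0.5)
    tiny = bytes_for_probability(block_bits, 2.0 ** -32)
    return (f"{block_bits}-bit blocks: 50% at {half / 2**30:.3g} GiB, "
            f"2^-32 at {tiny / 2**20:.3g} MiB")


if __name__ == "__main__":
    print(describe(64))    # DES / TDEA block size
    print(describe(128))   # AES block size
    # 2^32 blocks of 8 bytes is 32 GiB under a single key.
    print("64-bit, 32 GiB:", collision_probability(64, 2**32))
    print("128-bit, same block count:", collision_probability(128, 2**32))
```

For a 64-bit block the 50% point is reached within tens of gibibytes, a volume a long-lived connection can carry; for a 128-bit block the same point is billions of times further away.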

The TDEA symmetric key encryption algorithm is set to be deprecated in terms of being useful for cryptographic protection in 2023. However, in the meantime, NIST SP 800-76 Rev. 2 specifies that 3DES can be used by federal government organizations to protect sensitive unclassified data so long as it's used within the context of a total security program. Such a program would include:

AES is the most common type of symmetric encryption algorithm that we use today. In fact, even the NSA uses AES encryption to help secure its sensitive data.

AES is a variant of the Rijndael family of symmetric encryption algorithms. Unlike its DES or TDEA counterparts, it's based on a substitution-permutation network. So, it uses this as its foundation in lieu of the Feistel cipher. You'll find the advanced encryption standard in use for everything from SSL/TLS encryption to wireless and processor security. It's fast, secure, and doesn't noticeably increase your processing overhead (at least, when you use the right key).

AES operates on block sizes of 128 bits, regardless of the key size used, and performs encryption operations in multiple rounds.

There's a total of four AES encryption sub-processes:

The rounds, which are performed on the plaintext data, use substitutions from a lookup table. So, one of the rounds looks akin to this:

AES, which became the new FIPS-approved encryption standard after replacing DES and superseding 3DES, has a maximum key size of up to 256 bits. This is about 4.5 times larger than a DES key. Any larger, and it wouldn't be practical for at-scale applications. Now, the size of the key determines how many rounds of operations will execute. For example, a 128-bit key will have 10 rounds, whereas a 256-bit key will have 14.

Of course, AES encryption is incredibly strong. So, any attempt to crack AES via brute force using modern computer technology is "futile," as a certain collective of cybernetic individuals love to say. Even Lt. Commander Data would likely struggle with such a computational effort. I say that because even quantum computers aren't expected to have as big of an effect on symmetric encryption algorithms as they will on, say, modern asymmetric encryption methods. (Symmetric encryption methods would require larger keys to be quantum resistant, whereas public key methods will no longer be secure, period.)

For a more in-depth look at the advanced encryption standard, be sure to check out our other article on the topic. There, you'll get a highly technical look at how AES works.

There are plenty of other types of symmetric encryption algorithms that are useful for different purposes and cryptographic functions. Just to give you a quick taste, the list of some of these algorithms includes:

Of course, there are other ciphers, too, but we're not going to include them all here. But this at least gives you some examples of what's out there as far as AES algorithms are concerned.

Symmetric encryption algorithms, when used on their own, are best suited for encrypting data at rest or in non-public channels. I say that because they're often found protecting at-rest data in various situations, including databases, online services, and banking-related transactions. (The latter is because the Payment Card Industry Data Security Standards, or PCI DSS for short, requires it.)

However, those aren't the only places they're useful. Oh, no, you'll also find symmetric algorithms in use across the internet. When you use them in conjunction with asymmetric encryption for key exchange (such as when you connect to a secure website), then symmetric encryption comes into play with services such as:

Didn't feel like diving into all of the technical mumbo-jumbo? (Or didn't feel like reading through my nerdy Star Trek comparisons of symmetric encryption algorithms?) No worries. Here are a few of the main takeaways from this article on symmetric key algorithms:

Be sure to stay tuned for our next chapter in this blog series on symmetric encryption in the coming weeks. And until next time, live long and proper.


Google plans to test end-to-end encryption in Android messages – TechCrunch

For the past year and a half, Google has been rolling out its next-generation messaging to Android users to replace the old, clunky, and insecure SMS text messaging. Now the company says that rollout is complete, and plans to bring end-to-end encryption to Android messages next year.

Google's Rich Communications Services is Android's answer to Apple's iMessage, and brings typing indicators, read receipts, and you'd expect from most messaging apps these days.

In a blog post Thursday, Google said it plans to roll out end-to-end encryption starting with one-on-one conversations, leaving open the possibility of end-to-end encrypted group chats. It'll become available to beta testers, who can sign up here, beginning later in November and continue into the new year.

End-to-end encryption prevents anyone, even Google, from reading messages as they travel between sender and the recipient.

Google dipped its toes into the end-to-end encrypted messaging space in 2016 with the launch of Allo, an app that immediately drew criticism from security experts for not enabling the security feature by default. Two years later, Google killed off the project altogether.

This time around, Google learned its lesson. Android messages will default to end-to-end encryption once the feature becomes available, and won't revert back to SMS unless the users in the conversation lose or disable RCS.


Google Messages Set to Roll Out End-to-End Encryption – Infosecurity Magazine

Google has finally announced that end-to-end encryption (E2EE) will begin rolling out on its Messages platform, bringing it in line with rivals WhatsApp and iMessage in the security stakes.

Messages by Google is built on the open Rich Communication Services (RCS) standard to offer improvements over legacy SMS such as anti-spam, launching of video calls direct from conversations, Smart Reply and more.

Google announced late last Friday that it had completed its global rollout of the platform for all Android users.

However, until now the missing piece in the puzzle was security, with both Facebook (WhatsApp) and Apple offering E2EE to maximize privacy for their users.

Google now joins its rivals with these capabilities, starting with one-to-one conversations and only when both users are on Messages.

"End-to-end encryption ensures that no one, including Google and third parties, can read the content of your messages as they travel between your phone and the phone of the person you're messaging," explained product lead, Drew Rowney. "This will roll out to beta testers beginning this month and continue into next year."

However, while the new functionality is likely to be a hit with consumers and business users, it will put Google on a collision path with legislators and law enforcers in the US.

Over recent years, high-profile figures have tried to pressure tech giants like Apple into engineering bespoke backdoors into their products so that investigators can unlock phones and read the encrypted messages of suspects.

They argue that E2EE otherwise offers a safe haven for terrorists, child abusers and other criminal elements, disregarding the fact that if Apple et al were to accede to their wishes, these individuals would surely migrate to other platforms.

Now Google will have to stand up for its users and argue that backdoors cannot be engineered for law enforcement without undermining security for all, a point repeatedly batted away by lawmakers.

In its most recent missive last month, the Five Eyes intelligence community plus India and Japan repeated its demands, and argued that the tech community just isn't trying hard enough to find a way forward.


Did they crack the code? The importance of encryption for protest movements – OpenGlobalRights

Protesters march during a rally against government and President Lukashenko in Minsk, Belarus, 25 October 2020. According to reports, over 100,000 opposition activists took to the streets against Belarusian government and President Alexander Lukashenko calling him to step down and demanding new presidential elections. EFE/EPA/STR

In the presidential elections held in August in Belarus, Alexander Lukashenko was re-elected with 80% of the votes, yet only a few believed the official account. This disparity between reality and the state claims instigated record numbers of people to pour into streets and demand repeated elections. The regime answered with a brutal crackdown on protesters and internet shutdowns to limit accessing and sharing information. But Belarusians found a way to communicate through an encrypted messaging service called Telegram, which played a vital role in organizing protesters and disseminating information horizontally without any formalized leadership. Encryption remains a central tool for bypassing state surveillance, especially in countries with repressive governments, but it does not come without lingering safety and security concerns.

When Belarusians called for transparent elections, they were met with extreme police violence and detentions, photos of which filled the media and caused international outrage. A parallel battle was happening in the digital realm through the blocking of independent media and opposition websites and intermittent internet blackouts. These restrictions aimed to cause a chilling effect on popular mobilisation and prevent the publishing of information and evidence about police abuse. Lukashenko blamed foreign interference for the internet shutdowns but experts pointed to the government that controls the state-owned Internet provider Beltelecom. NetBlocks reported that internet access in Belarus has been disrupted for several days, creating an information vacuum preventing citizens from establishing contact with each other and with the outside world. On the night of the election results, the government shut down social networks, blocked VPNs, while encrypted traffic was also blocked on certain websites and two election platforms so that people could not observe news about possible violations. Later that day, the whole mobile internet was shut down and most of the media outlets were unavailable. None of the usual messaging services worked without additional tools to bypass the censorship. Viber, WhatsApp, and Messenger were inaccessible.

Belarusian authorities used a DPI method for blocking internet access, but also monitored real-time communications, examined unencrypted content, and implemented targeted blockings and shutdowns, enabling both invasive privacy breaches and mass censorship. Similar technology has been documented in other countries, notably China and Russia, where it has been reviewed as a tool for implementing the Sovereign Internet Law. It seems like government manipulation of the internet will remain a constant feature in the future.

Multiple crackdowns have brought to the spotlight the rights to freedom of peaceful assembly and of association in the digital space. According to a UN special rapporteur, "threats to digital expression and internet freedom are more pronounced than ever [...] and internet shutdowns have emerged as a popular means of information control." This issue has been lately growing in importance as the restrictions amid the COVID-19 pandemic have made the shutdowns of online civic space ever more consequential for exercising civil and political rights. The Belarusian case of coping with state interference through encrypted messaging service can be instrumental for understanding similar scenarios across the globe.

In the post-Soviet country with a booming IT sector adding 6.4% GDP, harnessing the potential of the tech platforms has been central to the opposition's success. YouTube popularized Siarhei Tsikhanouski and subsequently his wife, who ran as the lead candidate against Lukashenko. Again, when social media platforms became mostly unavailable, protesters turned to Telegram. The anti-censorship tools used by Telegram through robust encryption allowed Belarusian citizens to continue connecting via the app and access its channels to share messages, warn protesters of police movements, and guide demonstrators to certain neighborhoods.

The diffuse coordination made it more difficult for the security services to repress the protesters. As a journalist summed up: "This is the Telegram revolution. It's not the opposition, not the political parties. Everything is made by bloggers, influencers, and these Telegram channels." Lukashenko himself acknowledged Telegram's importance when announcing that "all the various Telegram channels that control crowds in Minsk will go away." The protests show how critical encryption is to protect citizens' human rights and safety. It also offers a model to be copied by activists in many other countries looking to evade government control. Similar channels have been used by popular movements in Catalonia and Hong Kong, proving that even though the context might be different, similar tactics can still be adopted.

Evidently, there are two sides to the liberating power of encryption. A key argument is that as much as it can be a tool for greater democracy, it can also foster illegal activities. Thinking of the democratic cause only, where the biggest Telegram channels are followed by millions of users, questions arise around self-organization, misinformation risks, and security threats to users. In a climate where traditional media cannot be trusted and oppositional media has been disabled, the platforms take on an unprecedented power over information. The biggest channel fuelling Belarusian protests is Nexta, with more than 2 million subscribers in a country of about 9.4 million people. Operating fast and without an editorial team, they do not have the time and the capacity to fact-check information. Misinformation can lead to higher risk-taking, such as when protesters wrongly heard that security forces joined them and approached the police chanting "five cities have laid down their shields." They were later dragged into police vans and may have been among the thousands of detained Belarusians who faced torture and beatings.

Roman Protasevich, the chief editor of Nexta, offered a rare glimpse into the channel's operational mindset when interviewed by the BBC: "Do I feel responsible for what we publish? Only in terms of whether it will bring people closer to victory and the end of the dictatorship." Undoubtedly, a small team of six that works out of a community centre in Warsaw is short of resources to cross-check each piece of information when there are hundreds of items on the Telegram channel. But these and similar channels remain oblivious to alerting their followers that the information they publish has not been verified.

As the governments become increasingly repressive and tech-savvy in suppressing dissent, the popularity of encrypted platforms for news gathering and dissemination is here to stay. Encrypted communications fall beyond the reach of regulation, making them a strong alternative source. They will remain a key enabler of civic rights in undemocratic societies where the media is tightly controlled by the authorities. But with information power concentrated into the hands of a few, an additional layer of scrutiny should be placed on how they operate and whether or not they act responsibly towards citizens.

Nexta founder Stsyapan Putsila downplays their role, saying that they do not force anyone to protest: "We tell people that they can go out, defend their rights. Belarusians come out on their own." But he also added that "Now we not only inform, but to some extent also coordinate people." For Nexta, the trade-off is worth the end goal of achieving democracy, and many of their followers would agree. But in the country hungry for uncensored information, this reluctance to take on a greater responsibility despite growing stakes creates additional risks for the protesters.


The EU’s muddled approach to encryption – The Spectator US

The EU would like you to know that it doesn't want to ban encryption. In fact, it correctly recognizes that encryption is absolutely essential for our privacy and financial safety on the internet. That's why a draft resolution due to be tabled in front of EU leaders at a pivotal summit later this month spends paragraphs extolling the virtues of online encryption, before setting out the EU's complaint: they would really like to be able to read encrypted messages. And they want technology companies to do something about it.

On the surface, the EU's argument might seem quite reasonable: most of us would generally believe that with warrants or similar safeguards, authorities should be able to read the messages of serious criminals or terrorists. This is an argument successive British governments have also been fond of making.

The problem is that once you scratch below the surface, legislators are essentially proudly proclaiming themselves to be pro-cake and pro-eating it.

Online security is quite different from offline security, in that our communications are ultimately protected by encryption, which boils down to complex mathematics. Encryption uses calculations which are easy to perform one-way round but almost impossible to reverse (the mathematical equivalent of scrambling an egg), which means tech companies can make our messages all but impossible to decipher as they traverse the internet's network of cables and servers.

In fact, thanks to encryption, the creators of most modern messaging apps cant read their users messages even if they wanted to. This is crucial for our security and privacy: messages arent secure if someone who works for a tech company (or a criminal or spy posing as them) can access them. And it means that when governments or police forces ask tech companies to hand over data, they cant they never had it in the first place.

But this is giving governments which in the internet era have become accustomed to being able to drown themselves in terabyte after terabyte of bulk data something of a headache. In response, they have begun urging, or threatening to compel, tech companies to create some means of circumventing their sophisticated encryption for selected users, so that they can hand over their data.

This is, essentially, the online equivalent of getting someone to leave the back door open so you dont have to use the locked, barred and reinforced front door. And just like an open back door in real life, in practice that means youre leaving the door open to everyone.

If tech giants create vulnerabilities so it is easier to access user data, the same methods will also be used by criminals and foreign governments. In the online world, it is simply not possible to selectively weaken security just for the good guys.

The EU's latest resolution tackles this thorny problem by insisting that they are big supporters of encryption and that they understand the risks of backdoors, and so would not ask tech giants to insert them into their messaging apps.

Instead, they ask tech companies, researchers, academics and others to look for some other way of allowing them to access messages, essentially deciding that a back door by any other name will somehow magically work differently.

We should be relieved that the latest EU proposal is so laughably vague, but it is symbolic of the dead end which governments across the world have reached when it comes to regulating the internet, a task we all agree, to different extents, is necessary, but one for which most governments seem woefully ill-equipped.


If the EU is interested in tracking and monitoring criminals, there are already other technical methods available, for example through phone manufacturers themselves (though backdoors here could, again, cause unintended consequences). It could also spend more on human intelligence, which is traditionally far more effective, and has been starved of resources in the internet era.

Instead, the EU joins an array of other governments and bodies straddling between menace and comical ineffectiveness. By railing against encryption, they undermine public trust in a technology that is vital to our online privacy and security.

And by having nothing more than a plea to the heavens for some magical fix to their problem, the EU are instead making themselves look comically unprepared for the task of regulating the internet era of capitalism. We are two decades into the digital age, and our politicians are still decidedly analog.

This article was originally published on The Spectator's UK website.

Read the original post:
The EU's muddled approach to encryption - The Spectator US


AES Encryption Software Market 2020 Global Industry Size, Demand, Growth Analysis, Share, Revenue and Forecast 2022 – The Think Curiouser

This new research report compilation added as an assessment overview of the global AES Encryption Software market is directed to unravel crucial details about market developments, encompassing various factors such as market trends, lingering barrier implications as well as dominant drivers that effectively carve a favorable growth route for global AES Encryption Software market progression and growth. The report specifically underpins superlative reader comprehension about multiple market developments by gauging into regional growth spots.


Key Players Mentioned in the Report:

Dell, Eset, Gemalto, IBM, Mcafee, Microsoft, Pkware, Sophos, Symantec, Thales E-Security, Trend Micro, Cryptomathic, Stormshield

A keen observation and evaluation of the AES Encryption Software market developments based on qualitative and quantitative research practices have been meticulously compiled to understand dynamics such as drivers, restraints, challenges and threats that closely influence holistic growth in global AES Encryption Software market.


Some of the most crucial market relevant information drawn in the report is aimed at equipping market players with a crisp overview of fast transitioning vendor landscape. The report is also designed to influence lucrative decision making amongst prominent players in terms of their investment discretion towards most appropriate investment decisions pertaining to dynamic product and pricing mix to initiate user acceptance. A close review of the sub-segmentation has also been tagged in the report, aimed at unveiling novel growth opportunities, offsetting market saturation. Minute classification of the growth hubs, encompassing details on global and local developments alike to entice critical decision making.

Types Covered in Report: (On-premises, Cloud)

Application Covered in Report: (Disk Encryption, File/folder Encryption, Database Encryption, Communication Encryption, Cloud Encryption)



Read more:
AES Encryption Software Market 2020 Global Industry Size, Demand, Growth Analysis, Share, Revenue and Forecast 2022 - The Think Curiouser


How to recover data from a Mac with T2 or FileVault encryption and without a password – Macworld

It's a hard thing to discover that a loved one is incapacitated or passed away, and the Mac or Macs they left behind can't be unlocked to retrieve photos, important financial or legal information, or any of their digital traces. If the main account or any administrative user password is unavailable, a newer Mac may be completely unrecoverable.

Many times, a person who experiences dementia may have already appointed or had appointed someone with the legal right to access their devices; someone who may know they were facing death or who had planned ahead with a will may have left their gear explicitly to someone, or appointed an executor who has rights. (This is not legal advice, by the way; consult an attorney with any questions about the legality of accessing such hardware.)

But the right or need to access a Mac doesn't mean one has the ability, and Apple has designed its systems to prevent its own ability to break through strong protections.

The T2 Security Chip found in newer Macs (see the list of Mac models here) brought iPhone- and iPad-style security and encryption to macOS, including Touch ID on laptops. The Mac's startup volume is automatically encrypted at rest, separate from the long-running FileVault technology in macOS. (See "How FileVault and the T2 Security Chip work together in newer Macs" for more details.)

The T2 chip on a Mac automatically encrypts the startup drive as a way to improve security dramatically, including rendering a drive's contents unreadable if a device were lost or stolen. Without a fingerprint on a Touch ID-equipped Mac (for a computer that's running, logged in, and in the right circumstances) or a password for any Mac, even without FileVault enabled, the contents of the Mac's drive could be permanently unavailable.

If the Mac in question is one of the above models, skip to "Strategies to work around not having the password," later in this article.

If it doesn't have a T2 chip, you can try the following; if not, read on for what won't work, and then strategies to try without the password.

You may be able to mount a Mac as a volume on another Mac without a password using Target Disk Mode, as long as FileVault wasn't enabled. You may not know if it was, so you can try the following if both Macs have a FireWire (older models) or Thunderbolt 2 or 3 port:

Connect the computers.

Restart or start up the Mac you want to mount on the other while holding down the T key.

If it works, a volume icon appears on the other Mac.

If you receive a prompt to enter a password, then either FileVault is enabled or there's a T2 chip on the computer, or even both.

However, if you don't have another Mac to try this with or they don't have compatible ports, you can also set up an external, bootable macOS drive with a version of macOS new enough to start up the computer in question and not too new for an older Mac. (Consult the Mac's model to check on which system releases work with it.)

Here's how to boot from an external drive:

With a macOS startup volume installed on an external drive, plug it into the Mac you want to start up.

Either restart the Mac or start it up, holding down the Option key as it powers up.

A roughly formatted display showing available startup drives should appear. Click or use a keyboard to select and boot from that drive.

The internal drive shows up as a volume after macOS starts up.

If you can't start up from an external drive because you're prompted for a password or blocked in another fashion, or macOS prompts you for a password to mount the internal drive (as above), you're stuck.

In nearly every scenario involving either a Mac with a T2 chip, FileVault enabled, or both, you have to have an administrative account's password, often the main or only account on a Mac:

With FileVault turned on with any Mac, a password has to be entered at startup to even start macOS running. Otherwise its startup volume remains unavailable.

With the T2 chip and no FileVault, a Mac will boot to the startup screen, but unless you had the password, even though the drive's contents are available to a user, you'd have to break into macOS to gain access to files. Because the T2 chip restricts starting up with an external drive without making a specific administrative change that requires a password, you won't even be able to boot off an external drive, and you'd need an account password after that to mount the drive when started up externally, in any case.

You might consider removing the hard drive as one strategy. But Macs of the last few years have drives that can't easily be removed or are impossible to remove at all. Even if you could mount a drive on another device, if FileVault is enabled or it's a Mac with a T2 chip, it's impossible to decrypt the drive's contents.

The Startup Security Manager on T2-equipped Macs prevents starting up from an external drive without changing settings, which requires a password.

Don't give up yet, however.

Several strategies can help, some of them absurdly low tech:

Check for sticky notes, password books, or other places someone may have written down their password. This is surprisingly common, yet often overlooked. (The best hackers in movies always make a joke about it when asked what sophisticated cracking tool they will use: they just find the sticky note.)

Did the person ever give you a password as a backup in case they lost or forgot theirs? Check your messages, password manager, or notes.

Look for local backups. While startup drives may be encrypted via FileVault or the T2 chip, Time Machine and other backups typically aren't, unless someone takes an extra step to encrypt the volume. (If they did that, they might also have taken steps to allow someone else to gain access later if they couldn't.) Look for a drive directly connected to the computer, to another computer on the network, or a Time Capsule, Apple's discontinued networked Time Machine backup option.

Look for online backups. A person may be using a cloud-based backup storage system, like Backblaze or Carbonite, and you may be able to find the password for that if you can't find their Mac account's password. Check credit-card bills to see if they're using such a service.

Check iCloud. Again, you might be able to find or figure out their iCloud login, and retrieve photos and synced files from iCloud.

Look for other sync services. Dropbox, Google Drive, OneDrive, and other options can sync the contents of folders or nearly an entire drive from a computer to cloud-based storage.

Preparation always helps, too. If you're reading this column prospectively, before a problem has cropped up, see "How to prepare your digital assets in case of death" for advice on setting up yourself or helping someone else be set up for access when they can't provide a password.

This Mac 911 article is in response to a question submitted by Macworld reader Janvier.

We've compiled a list of the questions we get asked most frequently along with answers and links to columns: read our super FAQ to see if your question is covered. If not, we're always looking for new problems to solve! Email yours to including screen captures as appropriate, and whether you want your full name used. Not every question will be answered, we don't reply to email, and we cannot provide direct troubleshooting advice.

See the rest here:
How to recover data from a Mac with T2 or FileVault encryption and without a password - Macworld


Security flaws in smart doorbells may open the door to hackers – We Live Security

The peace of mind that comes with connected home security gadgets may be false: your smart doorbell may make an inviting target for unwanted visitors

Smart doorbells commonly found on marketplaces such as Amazon and eBay contain serious vulnerabilities that expose their owners to a host of security and privacy threats, according to an investigation led by the British consumer watchdog Which?.

Together with NCC Group, Which? looked into 11 internet-connected video- and audio-equipped doorbells, finding disconcerting vulnerabilities in all of them. A number of the gadgets are designed to have the look and feel of Amazon's Ring and Google's Nest Hello and are sold either under their own brands or have no discernible branding. Some devices were promoted with the Amazon's Choice logo and received rave user reviews.

Notably, this includes the Victure VD300 smart doorbell, listed as the number one bestseller in door viewers. The device was found to send a Wi-Fi network password to servers in China unencrypted. If stolen, the login details might not just give crooks access to the victim's Wi-Fi network, but also to other devices connected to it, exposing people's sensitive data in the process.

The lack of data encryption was overall a common find in the test and also affected video footage, which was often stored unencrypted.


Other flaws had to do with poor password protections, since the units came with basic and easy-to-guess default passwords or their passwords were easy to reset by unwanted guests. Some devices were vulnerable to being readily switched off or stolen, paving the way for burglars to do their job and be gone while nobody is watching. One gadget was susceptible to a critical exploit taking advantage of the Key Reinstallation AttaCK (KRACK) vulnerability in Wi-Fi authentication that could ultimately leave Wi-Fi networks wide open to compromise.

Unsurprisingly, most units gathered more customer data than they actually needed for their operations. Overall, the test's findings are by no means unique as similar probes have been conducted before and also brought unflattering results.


Amazon has since removed the listings for at least seven products. Meanwhile, eBay had this to say: "These listings do not violate our safety standards but represent technical product issues that should be addressed with the seller or manufacturer," said the company.

If you're in the market for any connected gizmo, you want to do your homework and choose a reputable manufacturer with a proven track record of securing their devices. Then, when you first set up your new smart device, at the very least make sure you protect it with a strong and unique password or passphrase as well as with two-factor authentication.

The rest is here:
Security flaws in smart doorbells may open the door to hackers - We Live Security


Document Encryption Software Market 2020 – Impact of COVID-19 Pandemic, Future Development, Top Manufacturers Analysis, Trends and Demand discussed in…

Document Encryption Software Market 2020 Research Report initially provides a basic overview of the industry that covers definition, applications and manufacturing technology. The report explores the international players in the market. Market division by Regions, this report splits Global into several key Regions, with production, consumption, revenue, market share and growth rate.

Document Encryption Software market presents substantial inputs about the market size, market share, regional trends, and profit projection of this business sphere. The report also enlightens users regarding the foremost challenges and existing growth tactics implemented by the leading organizations that constitute the dynamic competitive gamut of this industry.

The research report on Document Encryption Software market provides a comprehensive assessment of the business sphere by evaluating all the vital aspects such as the current scenario of the marketplace and its trends over the forecast timeline. Key developments in Document Encryption Software market over the forecast period are also elaborated in the report, alongside insights regarding the regional landscape as well as various industry policies that shape the market dynamics.

In-depth information pertaining competition patterns in consort with advantages and disadvantages of the products manufactured by the market majors are cited in the report. The report briefly analyzes the production and consumption aspects of the industry including raw material matrix, production cost, and downstream buyers.


COVID-19, the disease it causes, surfaced in late 2020, and now had become a full-blown crisis worldwide. Over fifty key countries had declared a national emergency to combat coronavirus.

With cases spreading, and the epicenter of the outbreak shifting to Europe, North America, India and Latin America, life in these regions has been upended the way it had been in Asia earlier in the developing crisis. As the coronavirus pandemic has worsened, the entertainment industry has been upended along with most every other facet of life.

As experts work toward a better understanding, the world shudders in fear of the unknown, a worry that has rocked global financial markets, leading to daily volatility in the U.S. stock markets.

Unearthing the competitive landscape of the Document Encryption Software market:

Unveiling the regional spectrum of the Document Encryption Software market:


Read more here:
Document Encryption Software Market 2020 - Impact of COVID-19 Pandemic, Future Development, Top Manufacturers Analysis, Trends and Demand discussed in...


Data Encryption Market: Global Industry Analysis, Size, Share, Trends, Growth and Forecast 2020 2026 – The Think Curiouser

The latest report on Data Encryption Market now available at Market Study Report, LLC, explains the current and upcoming trends besides details related to the regional landscape of the Data Encryption market that includes numerous regions. The report further emphasizes intricate details regarding the demand and supply analysis, contributions by leading industry players and market share growth of the Data Encryption industry.

The study on Data Encryption market presents a comprehensive analysis of the key growth markers of this industry vertical in accordance with the regional outlook and competitive landscape. Also, the report discusses the prevalent challenges and limitations in this business sphere. Moreover, it renders a robust outlook on the opportunities that can turn in profit over the projected timeline. In addition, a conclusive overview of the impact of Covid-19 pandemic is included to empower stakeholders with the latest updates on changing market dynamics.


Key highlights from COVID-19 impact analysis:

Other highlights from the Data Encryption market report:





An overview of the regional landscape:

Comprehensive assessment of all opportunities and risks in the Data Encryption market.

This exclusive study addresses key questions for stakeholders in the Data Encryption Market:


Some of the Major Highlights of TOC covers:

Executive Summary

Manufacturing Cost Structure Analysis

Development and Manufacturing Plants Analysis of Data Encryption

Key Figures of Major Manufacturers


Read the original:
Data Encryption Market: Global Industry Analysis, Size, Share, Trends, Growth and Forecast 2020 2026 - The Think Curiouser
