Category Archives: Encryption
Thales and TheGreenBow join forces to offer a high-security encryption solution for network communications – Thales
In todays increasingly connected world, the security of our information systems is more crucial than ever. In response to rapidly changing mobility and security needs, Thales, a leader in the cybersecurity market, and TheGreenBow, a French provider of VPN solutions, have signed an industrial cooperation agreement to provide a secure remote access solution.
The solution includes TheGreenBows Windows Enterprise VPN client and Thaless Gateways IPsec Mistral encryption technology. The latest version has been certified by French information security agency ANSSI to offer civil and military organisations top-notch protection for their information systems. Combining a very high data rate infrastructure encryptor with a security-certified VPN client1, Mistral also protects employees accessing these information systems while travelling or working remotely. Mistral is currently the only product capable of protecting information systems at EU Restricted and NATO Restricted level in line with ANSSIs IPsec security recommendations. It is on the cutting edge of developments in the field of security and offers a superior level of performance and quality of service for enterprise networks. This new solution meets the specific need to protect access to information systems for critical national infrastructure providers, local authorities and healthcare services including hospitals and clinics. It provides end-to-end data security from the remote access point to the enterprise information system across all types of networks from satellite links to 10Gbps real-time datacentre traffic.
Mistral DR gateways draw on Thales's expertise in network encryption and its extensive experience in large-scale deployments and migrations of critical networks. With TheGreenBows VPN client, the gateways secure data traffic to and from any mobile or remote platform to provide a sovereign, integrated solution allowing users to access sensitive networks from any device. This partnership meets to a growing need for secure, remote interconnection of sensitive information systems.
This partnership will allow Thales and TheGreenBow to offer a cutting-edge cybersecurity solution with the performance needed by critical national infrastructure providers and other economic actors in sensitive sectors in France and internationally. It is an illustration of Thaless ability to integrate third-party solutions with its systems to better meet the needs of its customers and the market at large. Pierre Jeanne, Vice President Cybersecurity, Thales
"With this new ODM1 partnership, TheGreenBow is continuing its policy of forging alliances to offer the highest possible level of security, performance and quality of service for enterprise networks. Mathieu Isaia, Managing Director, TheGreenBow
1TheGreenBow Windows VPN client (version 6.52.006)
1ODM: Original Design Manufacturer
Read the original:
Thales and TheGreenBow join forces to offer a high-security encryption solution for network communications - Thales
Congress wants a plan for post-quantum hacking threats for federal IT systems – SC Media
Congress wants the federal government to have a plan in place for protecting federal IT systems and assets from future hacks carried out by quantum computers.
To be clear, computer scientists at the National Institute for Standards and Technology believe the tangible threat of quantum codebreaking is still years away, but the widespread replacement of much of the older, classical encryption underpinning systems and data is likely to come during the next few years.
The Quantum Computing Cybersecurity Preparedness Act, sponsored by Reps. Ro Khanna, D-Calif.; Nancy Mace, R-S.C.; and Gerry Connolly, D-Va., would force the civilian federal government to develop a concerted strategy to tackle this replacement. The bill, which Khanna first referenced during a January House Oversight Committee hearing, would give the Office of Management and Budget a year from the time NIST finalizes its post-quantum encryption standards (expected later this year) to begin prioritizing the migration of devices and systems at civilian federal agencies. It also requires OMB to begin developing a list of high-risk systems and assets that will be prioritized for replacement.
The director of OMB would be responsible for delivering a report updating Congress on the governments progress, the potential cybersecurity risks posed by quantum computers, the amount of estimated funding needed to replace encryption for government systems and devices and U.S. coordination on post-quantum encryption with other international standards bodies.
Even though classical computers cant break encryption now, our adversaries can still steal our data in the hopes of decrypting it later," Khanna said in a statement. "Thats why I believe that the federal government must begin strategizing immediately about the best ways to move our encrypted data to algorithms that use post-quantum cryptography."
Mace said that while she was "optimistic" about the potential benefits of quantum computing "we must take preemptive steps to ensure bad actors aren't able to use this technology in more sinister ways."
Any such strategy, the bill posits in a sense of Congress, should involve the government and private sector coming together to develop software, hardware and applications that facilitate what is known as crypto agility" or the ability to easily switch out one post-quantum encryption algorithm for another with minimal loss to performance or interoperability. This capability is critical because so much of quantum computing and code breaking is still largely theoretical at this point.
Until a working quantum computer advanced enough to break classical encryption comes along, officials at NIST working on the next wave of encryption are basing their algorithmic choices, in part, on mathematical estimations of what those computers might do.
That means that the algorithms we think will protect us may actually fall short and, in fact, NIST official Dustin Moody told SC Media last year that each round of their post-quantum cryptography selection process has revealed a previously unknown or unforeseen weakness in one of the algorithms.
The work required to switch out such algorithms and implement crypto agility, where possible, is expected to be a long, grueling multi-year process. While the threat of quantum codebreaking mostly applies to public key encryption, most organizations dont have good visibility over the kinds of encryption they rely on.
A lot of people dont have any real sense of where [their public key encryption] are deployed in their systems, Bill Newhouse, a NIST cybersecurity engineer said last year to the Information Security and Privacy Advisory Board. The non-technical folks that rely on them probably just dont really recognize that it's all going to be rather complicated.
View post:
Congress wants a plan for post-quantum hacking threats for federal IT systems - SC Media
Global Encryption Key Management Market 2022 Industry Insights, Drivers, Top Trends and Forecast to 2028 Blackswan Real Estate – Blackswan Real…
MarketsandResearch.biz recent record on the Global Encryption Key Management Market is projected to experience a high growth from 2022 to 2028. It offers a clear understanding of Encryption Key Management market attributes such as market shares, size, values, and production volume. The Encryption Key Management market segmentation analysis, comprising quantitative qualitative research incorporating the impact of economic non-economic aspects. The study involves the most up-to-date competitive data practical advice for firms other consumers looking to enter the regional or global market. The SWOT and Porters five forces model analysis increase the practicality of this report.
The study report has comprehensively utilized the figures numbers with the help of pictorial graphical representation, representing more clarity at the global Encryption Key Management market. The company analysis is a veritable source of information derived from various documents like the companys website, case studies, annual reports, and other third-party data providers.
DOWNLOAD FREE SAMPLE REPORT: https://www.marketsandresearch.biz/sample-request/160852
The growth rate (CAGR) of each region is predicted so that the report provides an opportunistic roadmap to the participants of the Encryption Key Management industry. This report also investigates the impact of COVID-19 on the Encryption Key Management market. The report incorporates an analysis of regional and country-level market dynamics. The manufacturers can use geographic and behavioral data from the global Encryption Key Management market to determine which features to include meeting current market dynamics.
Type-based market segmentation:
Folders/Files, SaaS App,
Application-based market segmentation:
Enterprise, Personal,
The countries comprised in the market report are:
Americas (United States, Canada, Mexico, Brazil), APAC (China, Japan, Korea, Southeast Asia, India, Australia), Europe (Germany, France, UK, Italy, Russia), Middle East & Africa (Egypt, South Africa, Israel, Turkey, GCC Countries)
ACCESS FULL REPORT: https://www.marketsandresearch.biz/report/160852/global-encryption-key-management-market-growth-status-and-outlook-2021-2026
The major players included in the market report are:
Thales Group, IBM, Egnyte, Google, Alibaba Cloud Computing, Box, Amazon, Ciphercloud, Unbound Tech, Keynexus,
Customization of the Report:
This report can be customized to meet the clients requirements. Please connect with our sales team (sales@marketsandresearch.biz), who will ensure that you get a report that suits your needs. You can also get in touch with our executives on +1-201-465-4211 to share your research requirements.
Contact UsMark StoneHead of Business DevelopmentPhone: +1-201-465-4211Email: sales@marketsandresearch.biz
Queen has encrypted mobile phone – but she only uses it to call two people – The Mirror
There are very few people in the world who have direct access to the Queen - for obvious security reasons - but it turns out Her Majesty has two people she regularly speaks to on the phone
Image: PA)
It goes without saying that the Queen is no ordinary person, so you can't just pick up the phone to be able to speak to her - not even some of her closest family.
There are strict rules in place for anyone who wishes to contact the Queen, as it could create a huge security threat if anyone were able to reach the monarch.
Luckily technology has moved on a lot over the last few years, which means Her Majesty is now able to have a personal mobile phone which is protected against hackers - but she only uses it to contact two people.
MyLondon reports that the Queen has two people she regularly speaks to on her mobile phone, but they're not necessarily the people you might expect.
Image:
Image:
Royal expert Jonathan Sacerdoti said the two people who have access to the royal via her mobile are her daughter Princess Anne and her racing manager, John Warren.
Speaking to Royally US, Sacerdoti explained: "Apparently the Queen has two people who she speaks to the most on her phones and she also apparently has a mobile phone which is said to be Samsung packed with anti-hacker encryption by MI6 so nobody can hack into her phone.
"But the two people she phones the most are said to be her daughter Princess Anne and her racing manager John Warren."
The Queen is said to be very close friends with Warren, who is married to the Earl of Carnarvon's sister, Lady Carolyn Warren, and owns and runs the stud at Highclere Castle - the home that famously doubles as Downton Abbey.
The pair have regularly been seen chatting and laughing at events and Warren recently praised his friend for being inducted into the QIPCO British Champions Series Hall of Fame for her dedication to horse breeding.
He said: "I suspect that the Queen will have a lot of inner pride in being invited into the Hall of Fame. The Queen's contribution to racing and breeding derives from a lifelong commitment. Her love of horses and their welfare comes with a deep understanding of what is required to breed, rear, train and ride a thoroughbred.
"Her Majesty's fascination is unwavering and her pleasure derives from all of her horses - always accepting the outcome of their ability so gracefully."
Do you have a story to share? We want to hear all about it. Email us at yourmirror@mirror.co.uk
Read More
Read More
See original here:
Queen has encrypted mobile phone - but she only uses it to call two people - The Mirror
Bluefin, DRB and Datacap Systems Announce the Rollout of PCI-Validated Point-to-Point Encryption (P2PE) Processing at C-Store Car Washes – PR Web
Bluefin, DRB, Datacap Systems Partnership
ATLANTA, AKRON, Ohio and CHALFONT, Pa. (PRWEB) April 19, 2022
Integrated payments and security leader, Bluefin, announced today the rollout of its PCI-validated point-to-point encryption (P2PE) solution across 458 U.S. car wash locations with partners DRB and Datacap Systems.
With the largest install base of any car wash technology provider, DRB specializes in advanced point-of-sale systems (POS) and next generation business management. The companys brands include DRB Tunnel Solutions, DRB In-Bay Solutions (formerly Unitec), Suds, Washifyand Driverse.
Datacap Systems builds innovative and customized payment solutions that route through dozens of pre-certified devices from leading OEMs all via a universal payments integration. Datacaps solutions empower merchants to create a unified payments experience across brick and mortar, online, mobile and unattended applications.
Bluefin specializes in PCI-validated P2PE solutions that secure credit and debit card transactions by encrypting all data within a PCI-approved point-of-entry device, preventing clear-text cardholder data from being available in the device or the merchants system where it could be exposed to malware.
The partnership between Bluefin, DRB and Datacap is part of a large, multi-location P2PE project with a major C-store brand which includes car wash installation in Phase I, followed by P2PE for the pump and in the omni-channel C-store environment.
This solution will provide our customers the benefit of up to 90% PCI scope reduction while providing the highest level of data protection for consumer credit card data, said Sean Gately, VP of Security Solutions, Bluefin. Once phase 2 deployment is complete for both indoor and the forecourt, it will be the first-ever market ready enterprise PCI-validated P2PE solution for the C-Store/Petro industry.
Bluefin provides P2PE through the companys Decryptx stand-alone P2PE solution, which is connected to Datacap Systems, who processes the payments via their NETePay Hosted omnichannel payments gateway. Through the installation, payments will be immediately encrypted upon swipe, dip, or tap in the ID Tech VP6800, an all-in-one PCI PTS 5.x SRED certified unattended payment device. The project is on track to have 1,000 installations by the end of April.
As unattended payments continue to grow in the U.S., securing cardholder data at these terminals has become more critical than ever, said Justin Zeigler, Director of Product at Datacap Systems. With the implementation of a security-centric and modern payments solution, both the merchant and their customer base benefit from a secure and frictionless payment experience.
"This was a great project that significantly enhanced the security of the car wash payment environment and consumer card data, said Richard Carpenter, Director of Product Development & Customer Programs for DRB. Our customers car wash terminals were upgraded to implement EMV processing along with Bluefins PCI-validated P2PE technology. These solutions work hand-in-hand to protect the retailer from fraud, while ensuring security of their customers credit card data.
This truly has been a team effort to not only develop the solution, but to integrate it as well as deploy it with full P2PE validation, added Sean Gately, VP of Security Solutions, Bluefin.
About Bluefin
Bluefin is the recognized integrated payments leader in encryption and tokenization technologies that protect payments and sensitive data. Our product suite includes solutions for contactless, face-to-face, call center, mobile, Ecommerce and unattended payments and data in the healthcare, higher education, government and nonprofit industries. The companys 200 global partners serve 20,000 enterprise and software clients operating in 47 countries. For more information, visit https://www.bluefin.com/.
About DRB
For over a third of a century, DRB supported and often drove an era of unprecedented growth in the car wash industry with point-of-sale and wash optimization software, hardware and services. Now as a masterbrand that includes DRB Tunnel Solutions, DRB In-Bay Solutions (formerly Unitec), Suds, Washify and Driverse, that tradition continues. The DRB team works together toward a singular goal: To help all car wash operators squeeze every ounce of profitability out of their investments. They do this with data and industry insights, a best-in-class team and reliable, intuitive innovations that delight consumers and are secure, simple to service and easy to use.
About Datacap Systems
Datacap builds industry-standard payment solutions for Point of Sale providers to meet the needs of merchants in any market. Security-centric solutions for virtually all processing platforms route through dozens of pre-certified devices from leading OEMs all via a universal payments integration, empowering merchants to create a unified payments experience across brick and mortar, online, mobile and unattended applications. As the only channel-centric and processor-agnostic payments provider in the industry, Datacap is the ideal partner for any POS provider thats serious about building a solution that will scale to address the needs of virtually any merchant, regardless of market or payment processing platform. https://datacapsystems.com/contact-us/
Share article on social media or email:
Ingenious Ways of Encryption that Ensure Privacy of Big Data – Analytics Insight
Fool-proof encryption is a basic human right and essential for secure data exchanges.
In a recent report Meta, formerly known as Facebook, stated that it is rolling out default end-to-end encryption in 2023. This is precise because Meta, Businesses for Social Responsibility, a non-profit organization considers encryption as a basic human right and essential for secure data exchanges. However, encryption algorithms become weak over time by developing security holes, putting data at risk. Encryption techniques are essentially used to protect unauthorised access to the privy data by third parties. To prevent eavesdropping, the data is overlaid by an encryption key, so that the data is not the same data for people who do not have access to the key. The standard algorithms include the Secure Hash Algorithm (SHA), and Advanced Encryption Standard (AES) algorithm, which protect data and are capable of withstanding more advanced cyber-attacks. However, in view of emerging technologies like block-chain, quantum computing, and cloud computing, the conventional protocols designed fall inadequate for ensuring data privacy. Meanwhile, the researchers are finding ways to bypass the advanced code-cracking technologies to ensure that the big data remains within the confines of safety. Here are some examples:
Quantum computers use qubits unlike the 0s and 1s of conventional computing. Therefore, the computing power is way superior to the normal computers, including in performing mathematical problems that underpin the modern encryption algorithms. Researchers have known for decades that if a large-scale quantum computer could be built, it could do some pretty big calculations that would threaten the cryptosystems that we rely on today for security, says Dustin Moody, a mathematician at NIST, the US National Institute of Standards and Technology. The quantum-proof encryption uses lattice-based cryptography with enormous grids and billions of individual points across thousands of dimensions. Breaking the code would require moving along a set of random points. Unless you know the route, it is highly impossible to break the code.
In order to see original data, encrypted data should be decrypted and this very process can make it vulnerable to breach. Homomorphic encryption has a solution to overcome these encryption holes. It basically involves masking the data with algebraic functions for data manipulation which lets the data remain encrypted while being used. The person on the other end has to use a private key along with the public key in order to access the data. Homomorphic encryption is particularly functional in cases of protecting personal data without having third parties like Google or companies who do not have a direct relationship with the data, involve in the transaction. This encryption is particularly useful in healthcare and defence industries, where personal data is of utmost precious.
Unlike end-to-end encryption differential, privacy encryption uses mathematical noise to mask the original calculations used in the algorithm. The noise terms are large enough for individual variables but small enough for the pattern to be revealed. Craig Gentry, an American computer scientist describes homomorphic encryption as a glovebox. Anybody can put their hands into it and manipulate it but cannot make the final product out. Only the person with the key can take the finished product, once the product is ready. American Census Bureau is actively applying this technique to protect its citizens data while making it available for lawmakers to plan for policies.
Cryptography for blockchain technology is definitely the hottest area, where many players are putting their currency in. Given the openness and the stakes it holds in terms of monetary value, blockchain is one of the most vulnerable technologies. Till recently block-chain technologies used protocols based on digital signatures to authenticate transactions. These protocols require one key to sign in for all the transactions pertaining to an account. Of late, protocols like ZK-Snark, an example of a zero-knowledge proof protocol, are being applied which enable to confirm of a transaction without having to reveal the identity. ZoKrates, a toolbox used for implementing ZK-Snark protocol on Ethereum helps the user with verifiable computation on DApp. While the earlier protocols only helped with user identification, the latest ones add layers of software to track the entire course of transactions.
Share This ArticleDo the sharing thingy
About AuthorMore info about author
More:
Ingenious Ways of Encryption that Ensure Privacy of Big Data - Analytics Insight
WhatsApp gets ready to remind everyone why end-to-end encryption matters – iMore
Source: Harish Jonnalagadda / iMore
WhatsApp is readying an update that will remind people why end-to-end encryption is so important to them, according to a new report. A new screen will show what end-to-end encryption means and what benefits it offers.
The new WhatsApp screen is now being tested in beta form and was first spotted by beta watchers WABetaInfo. The page will appear when people tap another new addition the end-to-end encryption indicators that we reported on recently.
As you can see in this attached screenshot, a new security page shows up that gives some information about end-to-end encryption. The new page informs the user that text and voice messages, audio and video calls (including group calls), media, location sharing, and status updates are secured by end-to-end encryption, so your conversations are always private.
End-to-end encryption ensures that all communications are private, something that is vital to WhatsApp users and one of the reasons it's one of the best iPhone apps for private communications although there are plenty of WhatsApp alternatives available in the App Store.
This latest change is currently available to those on the WhatsApp TestFlight beta although it is surely only a matter of time before it is rolled out to everyone. WhatsApp continues to tweak its app via those beta releases before making the updates available via the App Store for all users. The Meta-owned instant messaging service is also testing a change that will add an ETA to file transfers, too.
View post:
WhatsApp gets ready to remind everyone why end-to-end encryption matters - iMore
Whether The Technical Solutions Corresponding To The Refuted Patent Application Can Also Apply For Patent – Intellectual Property – China – Mondaq
A technical solution has been patented, but is refuted. Thetechnical solution is important to the applicant. With regard towhether the technical solution canbepatented again or not?There have recently been differentcustomers who present such questions.
It should be noted that, the applicant can start areexaminationprogram for incompliancewith the rejection determination, and can also complain aboutincompliance with the reexamination determination of the patent ofthe invention in the case that the reexamination program maintainsthe rejection determination. If the applicant does not use, or doesnot intend to use, the described rescue means, or the final officeafter using the described rescue means decides to be the backbackedpatent application, it is advised whether to apply for patent nolonger for the technical solution?
If the technical solution is greatly improved, a new solution isformed, which does not belong to the prior art, and the patentapplication may be considered. If the technical solutionessentially does not change, only the description manner ischanged, and the earlier application affects the novelty of thelater application, and the patent application is not advised.
If the technical solution itself is not greatly improved,however, since the original application text of the earlierapplication does not highlight the point of the invention which theapplicant wants to emphasize this time, the applicant wishes toapply for a patent again, and whether to apply for a patent againis advised; and if it is advised to apply for a patent, it isnecessary to pay attention to what kind of patent?
In recent years, the writer has encountered such a case. Thetechnical solution provided by the applicant relates to the fieldof communications, and relates to a method forencrypting/decrypting data by means of a network device without anIP address and a MAC address. The prior application is proxied byother agency. The independent method claims of the priorapplication are as follows:
intercepting a target data packet transmitted by a data packetsending device to a data packet receiving device;
Performing preset processing on the target data packet, andgenerating a processed data packet of which the data amount is lessthan the MTU amount of a communication network;
Transmitting the processed data packet to the data packetreceiving apparatus.
The applicant is of the opinion that the earlier applicationdoes not highlight that the encryption/decryption operation isrealized by a network device without IP address and MAC addresses,and wishes to apply for a patent again with regard to the technicalsolution. In this case, the applicant has the followingthought:
(1)Re-applying a patent for thistechnical solution?
Firstly, it is necessary to compare the technical solution withthe full text of the initial application documents of the earlierapplications, The earlier application only discloses processing adata packet as a data packet less than an MTU amount via anintermediate device, but does not disclose that a communicationintermediate device is a device without IP address and MACaddresses, also does not disclose respectively encrypting anddecrypting same by two encryption/decryption devices between a datapacket sending device and a receiving device, That is, the featuresof the encryption/decryption device in the technical solution andthe application scenario of the technical solution are notdisclosed.
Secondly, the present technical solution needs to be comparedwith the prior art closest to the earlier application (D1 providedby the examiner), Reference document D1 discloses that nodes A andB can actively send a test message, and the length of an MTU isset, However, a network device without the IP address and the MACaddress does not have the capability of actively sending a datapacket, and cannot control the length of the sent data packet incommunication, Accordingly, the characteristics of the node in D1are completely different from those of the network device in thepresent application.
Further, it is also required to search for whether there is acloser prior art after the earlier application, and by means of thesearch, if no closer prior art is found, it can be preliminarilyjudged that the present technical solution is novel.
By means of evaluation, the present technical solution, by meansof a method for performing encryption/decryption on a networkdevice without an IP address and a MAC address, not only can ensurethat the length of a data packet after an encryption/decryptionoperation does not change with the length of an original datapacket, but also can ensure the synchronization and security ofparameter data required for data encryption/decryption; preliminaryjudgement involves an inventive step; therefore, the presenttechnical solution is advised to make a patent applicationagain.
(2)With regard to the technical solution application, attentionneeds to be paid to something?
First of all, an application scenario of performingencryption/decryption by using a network device without an IPaddress and a MAC address is the largest inventive point, a set ofsystem claims can be laid out, and the system independent claimslaid out are as follows:
A first network device, configured to send to a second networkdevice to-be-processed data;
A first encryption and decryption device connected to the firstnetwork device and used for receiving the data to be processed,encrypting the data to be processed to obtain encrypted data havingthe same length as the data to be processed, and transmitting theencrypted data to the second network device via a network, whereinthe first encryption and decryption device is a network devicewithout an IP address and a MAC address;
A second encryption and decryption device, connected to thesecond network device, and configured to receive the encrypted datathrough the network, decrypt the encrypted data to obtain decrypteddata, and transmit the decrypted data to the second network device,wherein the second encryption and decryption device is a networkdevice having no IP address and MAC address;
a second network device, configured to receive the decrypteddata.
Secondly, the encryption method and the decryption method inthis application scenario are also inventive points, andcorresponding method claims may be respectively arranged from bothsides of the encryption end and the decryption end.
Further, the layout of dependent claims is in communication withthe inventor, the encryption algorithm in the present technicalsolution is the same as the encryption algorithm in the earlierapplication, the instructor guides the inventor to improve andextend the encryption algorithm, proposes an encryption algorithmdifferent from the earlier application, and is deployed independent claims.
Finally, the patent application corresponding to the technicalsolution is granted a patent.
In conclusion, a patent application corresponding to onetechnical solution is refuted, but the technical solution has agreat value to the applicant, and a patent attorney can beconsulted about whether the technical solution can perform a patentapplication again. With regard to a patent agent, on the onehand,the technical solution can be compared with the prior art atfirst (including, but not limited to, the technical solutiondisclosed in the earlier application and the reference document ofthe earlier application), Insofar as the technical solution differsgreatly from the prior art, the applicant can be advised to make apatent application again. On the other hand, the inventor can beguided to mine and extend the technical solution,and re-determiningthe technical problem and the necessary technical features forsolving the technical problem, and reasonably performing patentlayout, The patent application for this technical solution also hasthe opportunity to obtain patent rights.
The content of this article is intended to provide a generalguide to the subject matter. Specialist advice should be soughtabout your specific circumstances.
Is 2022 the year encryption is doomed? – TechRepublic
Image: Cisco Talos
Quantum technology that the worlds superpowers are developing, if successful, will render many current encryption algorithms obsolete overnight. Whoever has access to this technology will be able to read almost any encrypted data or message.
Organizations need to pay attention to this emerging technology and take stock of the encryption algorithms in use, while planning to eventually upgrade these. Quantum computers already exist as proof-of-concept systems. For the moment, none are powerful enough to crack current encryption, but the private and public sectors are investing billions of dollars to create powerful systems that will revolutionize computing.
Nobody knows when a powerful quantum computer will become available, but we can predict the effects on security and prepare defenses.
Classical computers operate using bits of information. These bits exist in one of two states, either 1 or 0. Quantum computers operate in a different, but analogous way, operating with qubits. A qubit exists in a mixed state that is both partly 1 and partly 0 at the same time, only adopting a final state at the point when it is measured. This feature allows quantum computers to perform certain calculations much faster than current computers.
Quantum computers cannot solve problems for which current systems are unable to find solutions. However, some calculations take too long for practical application with current computers. With quantum computings speed, these calculations could become trivial to perform.
One example is finding the prime factors of large numbers. Any number can be expressed as multiples of prime numbers, but finding these prime numbers currently takes an incredibly long time. Public-key encryption algorithms rely on this fact to ensure the security of the data they encrypt.
It is the impractical amount of time involved, not the impossibility of the calculation, which secures public-key encryption. An approach named Shors algorithm can rapidly find such prime factors but can only be executed on a sizable quantum computer.
We know that we can break current public-key encryption by applying Shors algorithm, but we are waiting for a suitably powerful quantum computer to become available to implement this. Once someone develops a suitable quantum computer, the owner could break any system reliant on current public-key encryption.
SEE: Google Chrome: Security and UI tips you need to know (TechRepublic Premium)
Creating a working, sizable quantum computer is not a trivial matter.A handful of proof-of-concept quantum computing systems have been developed in the private sector. Although quantum research has been identified as a strategic priority for many countries, the path forward is less clear. Nevertheless, China has made quantum technology part of their current five-year plan and is known to have developed functional quantum systems to detect stealth aircraft and submarines, and have deployed quantum communication with satellites.
We know the difficulties in creating a sizable quantum system. What we dont know is if one of the global superpowers has overcome these and succeeded. We can expect that whoever is first to create such a system will be keen to keep it secret. Nevertheless, we can anticipate clues that will indicate a threat actor has developed a functional system.
Anyone possessing the worlds most powerful decryption computer will find it difficult to resist the temptation to put it to use. We would expect to see a threat actor seeking to collect large quantities of encrypted data in transit and data at rest, possibly by masquerading as criminal attacks.
Currently, experts do not observe the volume of network redirection attacks that would be expected for the large-scale collection of data, nor do we see the large-scale exfiltration of stored encrypted data. This is not to say that such attacks dont happen, but they are less frequent or audacious than might be expected if a state-sponsored threat actor was collecting data at scale.
Nobody knows when current encryption techniques will become obsolete. But we can prepare by upgrading encryption algorithms to those believed to be resistant to quantum attack. NIST is preparing standards for post-quantum encryption. In the meantime, the NSA has produced guidelines that offer guidance before relevant standards are published.
Encrypted, archived data is also at risk. Organizations may wish to consider if old data is still required. Wiping obsolete data may be the best defense against having the data stolen.
Until a sizable quantum computer is built and made available for research, we cannot be certain about the capabilities of such a system. It is possible that physical constraints will mean that such a system is not practical to build. Certainly, programming quantum computers will require new software engineering practices. It is also possible that programming shortcuts will be found that allow the practical breaking of encryption with a smaller quantum computer than currently expected.
Post-quantum standards and advice from governmental entities are welcome to guide organizations in transitioning to a quantum-secure environment. However, such advice may not reflect the state-of-the-art of malicious actors.
SEE: Password breach: Why pop culture and passwords dont mix (free PDF) (TechRepublic)
At some point, many current encryption algorithms will become instantly vulnerable to attack. In anticipation of this moment, organizations should take stock of the encryption algorithms they use and the associated key lengths. Where possible, systems should migrate to use AES-256 encryption, use SHA-384 or SHA-512 for hashing, and extend key lengths beyond 3072 bits as an interim measure.
Anyone implementing encryption software should consider the algorithm life span and provide users with the ability to change encryption strength and algorithm as necessary.
Quantum computing is a major focus of research and investment. Physical constraints mean that current chip architectures are difficult to advance further. Practical quantum computer systems will bring large gains in computing power and allow new computational techniques to be applied to solve problems that are currently impractical to calculate.
One application of a new quantum computer will be breaking encryption. When such a system is developed, its existence is likely to be kept secret. However, there are likely to be indicators in the actions of sophisticated threat actors that will betray the systems operation.
Reviewing and improving encryption implementations well in advance of the deployment of a functional quantum computer is vital to ensure the continued confidentiality of information. Take stock of encryption currently in use and plan how to upgrade this if necessary.
We might not be able to predict when such a system will be deployed against us, but we can prepare in advance our response.
For more information, visit the Cisco Newsrooms Q&A with Martin.
Author Martin Lee is technical lead of security research within Talos, Ciscos threat intelligence and research organization. As a researcher within Talos, he seeks to improve the resilience of the Internet and awareness of current threats through researching system vulnerabilities and changes in the threat landscape. With 19 years of experience within the security industry, he is CISSP certified, a Chartered Engineer, and holds degrees from the universities of Bristol, Cambridge, Paris and Oxford.
See the original post:
Is 2022 the year encryption is doomed? - TechRepublic
Google Meet gets in-meeting reactions, PiP, end-to-end encryption and more – TechCrunch
Google announced a major update to Google Meet today that includes a number of long-requested features and plenty that you didnt even know you needed. There is a long list here, but the main additions are likely in-meeting reactions to give immediate updates to the Meet companion mode, emoji-based feedback, the ability to use Meet right inside of Docs, Sheets and Slides, as well as a new picture-in-picture mode so you can more easily ignore a meeting and the ability to stream a meeting to YouTube.
Security is another highlight of todays announcement. Starting in May, Google is rolling out client-side encryption in Meet, which is currently still in beta. With this, users have full control over the encryption keys and the identity provider used to access those keys. Later this year, Google will also introduce option end-to-end encryption for all meetings. Currently, all Meet data is encrypted in transit.
Image Credits: Google
Since 2020, its become increasingly clear that human connection is crucial, said Dave Citron, Googles director of product management for Google Meet and Voice in a press briefing ahead of todays announcement. We know we need solutions that help people build connections that can bridge the gap between physical spaces and the somewhere else.
He noted that a lot of these updates today focus on collaboration equity, that is, the ability to contribute to meetings regardless of location, role, experience level, language and device preference. One example for this is companion mode, which launched earlier this year and allows users to join a video meeting on a second screen. Now, Google is updating this with personal video tiles for every participant in a hybrid meeting, even if they are in a conference room with other participants. This update will work towards making those in physical space have the same experience as those who are working remotely, Citron explained.
Image Credits: Google
Like too many features Google announces these days, these updates will roll out later this year. This also means youll have to wait until next month to regale your co-workers with emojis during a meeting to help teams celebrate wins, offer support and share the love, as a Google spokesperson called it.
Picture-in-picture mode will also roll out next month, while automatic noise cancellation on Google Meet hardware is now rolling out to all users on Meet-enabled Logitech, Acer and Asus hardware.
The ability to stream to YouTube, which most companies will probably use for webinars and similar outward-facing meetings, is coming later this year.
Google also today announced a couple of updates to Spaces, but youre probably using Slack, so you can find more information about those here.
Image Credits: Google
Continue reading here:
Google Meet gets in-meeting reactions, PiP, end-to-end encryption and more - TechCrunch