SecurityRatty: tag: crypto

Crypto-Gram Tenth Anniversary Issue

2008-05-15 11:13:10 by schneier in Schneier on Security

...Crypto-Gram . It was a monthly newsletter written entirely by me. No guest columns. No advertising. Nothing but me writing about security, published the 15th of the month every month. Now, 120 issues later , none of that has changed I started Crypto-Gram because I had a lot to say about security, and book-length commentaries were too slow and...

Tags: crypto-gram, crypto-gram entries, blog online, blog, security products, snake-oil security products, blog entries, crypto-gram format, format

NSA Backdoors in Crypto AG Ciphering Machines

2008-01-11 06:51:20 by schneier in Schneier on Security

...Crypto AG, a Swiss company located in Zug, has sold to more than 100 countries the encryption machines their officials rely upon to exchange their most sensitive economic, diplomatic and military messages. Crypto AG was founded in 1952 by the legendary (Russian born) Swedish cryptographer Boris Hagelin. During World War II, Hagelin sold...

Tags: crypto, machines, company, swiss company, company web site, century, 20th century version, military messages, countries

What do the Cold Boot Crypto Attack, DVD Players, and MiFare tell us about the Future of Biometrics?

2008-03-26 00:16:43 by Erik T. Heidt in Art of Information Security

...Crypto Attack on hard disk encryption ( more info MiFare RFID Cards ( more info Skimming devices attached to ATM machines to steal card and PIN data ( more info Of course, all of these systems worked in the lab. But when a security system is widely deployed, it has to withstand an enormous amount of scrutiny, and minor flaws will be...

Tags: biometric authentication, biometric authentication infrastructure, biometric authentication challenge, tamper-proof biometric authentication, authentication, authentication device, mifare, tamper, biometrics

RSA Crypto Panel: Martin Hellman on 0.01% Events

2008-04-10 00:04:00 by jrjones in Jeff Jones Security Blog

...Crypto panel, but based upon the excellent one this year, I'll definitely include it in my plans going forward. If you want to hear an overview of what they all said, I can recommend Robert Vamosi's story Cryptographers speak of threats, voting, and Blu-Ray rumors I want to highlight the points that Martin Hellman raised with respect to 99.9%...

Tags: probability, low probability events, hellman, martin hellman, low, martin, security, events, non-security folks

Two Years of Broken Crypto: Debian's Dress Rehearsal for a Global PKI Compromise

2008-10-08 04:42:07 by Editor in IEEE Security and Privacy

...crypto-implementation nightmare with wide-ranging consequences that are difficult to repair. Putting both servers and users at risk, this vulnerability affected OpenSSH, Apache (mod ssl), the onion router (TOR), OpenVPN, and other applications. In this article, I'll examine the issue and its consequences

Tags: prng, secure key generation, weak prng, critical component, openssl package, debian gnulinux, onion router, consequences, source software

Enigma - Crypto for Kids

2008-10-21 18:01:54 by mcurphey in Mark Curphey - SecurityBuddha.com

Brilliant! http://blog.wired.com/geekdad/2008/10/enigma-crypto-c.html

Tags: html, brilliant, blog, wired

More trustworthy election systems via SDL?

2008-02-04 23:34:00 by sdl in The Security Development Lifecycle

...Cryptography . Many cryptographic functions are implemented incorrectly, based on weak algorithms with known flaws, or used in an ineffective or insecure manner. Of particular concern is the fact that virtually all cryptographic key material is permanently hardcoded in the system (and is apparently identical in all Sequoia hardware shipped to...

Tags: machine security concerns, security concerns, election systems, election, security, security researchers, election systems margin, margin, election management system

RSA Day 2: Wednesday with JJ & the Engima

2008-04-14 01:35:30 by JJ in Security Uncorked

...crypto list of If you hear any of these, RUN Cryptography is expensive We have this guy thats reallllly smart Wired EQUIVALENT encryption Its proprietary security Its revolutionary NEW cryptography technology It uses DES- so its FIPS 140 compliant Some of the sins from the session Engineering, Development & Management sins Using a...

Tags: security, inherent security risk, day, security bloggers party, dry session, session, enigma, enigma machines, fathers session

7 Seminal Security Books Every Security Wannabe Should Read

2008-03-17 17:49:28 by Craig Balding in Security Wannabe

...Cryptography: Protocols, Algorithms, and Source Code in C, Second Edition The so-called bible of Crypto. With good reason too: Bruce Schneier provides a seriously comprehensive introduction to cryptography. Refreshingly, he starts at the ground floor - you dont need a degree in maths to benefit from this tomb - its very accessible. Digest...

Tags: books, security books, software, software security assessment, security, thick books, security wannabe, software vulnerability research, software security

Your name:
Your email:
Describe a problem:
AntiSPAM Validation:

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo

	Favorites
	My AOL
	My Ask Jeeves
	Blinklist
	Blogmarks
	Del.icio.us
	Digg
	Facebook
	Faves
	Furl
	Google
	Live
	Magnolia
	Netvouz
	Slashdot
	Spurl
	Technorati
	Yahoo