Articles about cryptography

As quantum computing speeds edge closer to practical use, the ‘harvest now, decrypt later’ approach is already in motion with adversaries collecting encrypted data today, anticipating they'll be able to crack it tomorrow. But is enough being done to prevent it?

New research from Forescout highlights the urgent need for organizations to prepare for a future where quantum-capable adversaries can break widely used cryptographic protocols.

Continue reading →

Analysis of over 17,000 enterprise-used mobile apps by Zimperium zLabs finds that 92 percent of all apps and 56 percent of the top 100 apps use flawed cryptographic methods that could be putting organizations at risk.

Even more concerning, five percent of top 100 apps were found to have high-severity cryptography flaws including hardcoded keys and outdated algorithms.

Continue reading →

Most organizations now recognize that some form of cybersecurity breach is a matter of when rather than if. So why not just assume that the site has been breached in the first place?

That’s exactly what Tide Foundation has done with its new platform. TideCloak is an identity, immunity, and access management system that starts with a 'breach assumed' approach.

Continue reading →

The arrival of quantum computing, like nuclear fusion, is one of those things that always seems predicted to be a decade or more away, but the issue of quantum cryptography is on the doorstep now.

While quantum computers have the ability to break current encryption methods at alarming speeds, The National Institute of Standards and Technology's (NIST) release of Post-Quantum Cryptography (PQC) standards throws down the gauntlet on quantum cybersecurity.

Continue reading →

Now that we're beginning to overcome the obstacles to creating a commercially viable quantum computer it's important to consider the security threat that these vastly more powerful machines will pose.

Not least of these is the threat to encryption which puts everyone's online security at risk. We spoke to Nils Gerhardt, chief technology officer and head of product for Utimaco, to explore what a post-quantum future may look like.

Continue reading →

With the National Institute of Standards and Technology (NIST) expected to finalize post-quantum cryptography (PQC) standards in the second half of 2024, a new report from Keyfactor explores the challenges that create barriers to building a strong foundation of digital trust.

It finds that only 23 percent of organizations have started work on PQC, with 36 percent expecting to start after the first release of standards later this year. Another 25 percent of organizations will begin implementing PQC when standards are finalized.

Continue reading →

As widely available quantum computing draws closer, organizations need to consider the extent to which their supply chain presents risks and start building in post quantum readiness to their risk assessments.

To do this, it's critical for businesses to understand the origin and authenticity of all the components that are in the supply chain (both hardware and software). This is especially true for IoT devices, which rely on systems and subsystems created by multiple partners and vendors bringing their solutions together to make a fully functioning connected product/system.

Continue reading →

You may have come across the term 'root of trust', it’s a source, such as a hardware module, that can always be trusted within a cryptographic system. The system trusts the keys and other cryptographic information it receives from the root of trust module as always authentic and authorized.

Mostly this involves being tied into a specific vendor, but OpenTitan has developed an open source silicon root of trust for use in for use in data center servers, storage, peripherals, and more.

Continue reading →