Linux Cryptography - Page 19
We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.
The TrueCrypt development team have announced the release of version 7.0 of their open source, cross platform, disk encryption tool. According to the developers, this major update to their on-the-fly encryption tool includes several improvements, new features, security enhancements and bug fixes on all platforms.
Nearly nine years after the publication of FIPS 197, AES encryption remains the de facto standard today for symmetric encryption, and brute-force attacks remain infeasible, at least for the foreseeable future. To date, most attack methods have focused on weaknesses or characteristics in specific implementations, called "side-channel attacks," not on the algorithm itself.
Instead of indicating password quality via coloured bars, the Windows crypto tool Thor's Godly Privacy (TGP) informs users about the estimated time required for a successful brute-force attack on the chosen password. TGP calculates the time from the number of iterations a brute-force tool would need to arrive at the correct character combination.
Ivan Ristic has been quietly weeding through millions of registered domain names to find and test SSL protocol implementations. Ristic, director of engineering at Redwood Shores, Calif.-based Qualys Inc., runs SSL Labs, a non-commercial research effort that was acquired by Qualys last year.
Online merchants are shooting themselves in the foot with faulty SSL deployments that trigger alarms scaring customers away before they have the chance to complete transactions.
Every picture tells a story, but how do you know that a digital photo has not been manipulated to change the tale being told? A new approach to adding an encrypted watermark to digital images allows an image to be validated against a pass key, according to research published in the International Journal of Signal and Imaging Systems Engineering.
In a case that smacks of a Cold War spy novel, the FBI has arrested 11 suspected Russian spies who for years had blended into day-to-day American life in the suburbs and cities. Aside from hiding their true identities and posing as legitimate American citizens, the suspects also masked their communications with their intelligence agency back home in Moscow, using an oft-forgotten form of stealth communication -- steganography.
Payment industry executives and security experts are currently debating over the right way to preserve and protect credit card data. Merchants can choose between a variety of formats, from format-preserving encryption, which replaces the 16-digit credit card number with an encryption algorithm, to card-based tokens, which substitute a random token with the hope that it could reduce the scope of a PCI DSS assessment.
Privacy campaigners the Electronic Frontier Foundation and the Tor Project have jointly released a beta version of a Firefox extension that encrypts all connections to compatible websites.
Researchers last week introduced a new penetration-testing tool that makes it possible to capture poorly encrypted Web session data -- such as cookies and HTML parameters. Now they say they're looking into how similar attacks against Web applications can be used to advance attacks against Web-facing databases with sloppy encryption-key deployment.
Two researchers have released a tool which can be used to crack web server-encrypted session data contained in cookies and parameters hidden in HTML pages. The method used by Juliano Rizzo and Thai Duong's Padding Oracle Exploitation Tool (Poet) can also be used to crack CAPTCHAS.
During World War II, Britain's brightest minds routinely decoded encrypted German military messages, an effort believed to have significantly shortened the war and saved the country further devastation.
Here's the perfect plan to solve all those pesky security problems. Confidentiality and data leakage, secure backups, individual privacy, data integrity, identity and access management - all can be dealt with in some way by encryption. So why don't we all just use it then, and be done?
The OpenSSL developers have released versions 0.9.8o and 1.0.0a, fixing two security problems. A flaw in the ASN.1 parser can be exploited to write to invalid memory addresses using specially crafted "Cryptographic Message Syntax" (CMS) structures.
An important weakness has been discovered in the technology of quantum key distribution (QKD), which is increasingly being used by military and government to secure sensitive communications.
At its core the PCI Data Security Standard is nothing more than a series of guidelines that constitute security best practices. But companies that institute programs to better protect cardholder data can also leverage and extend these efforts throughout their business, ensuring that other sensitive customer, employee and partner data is better protected.
As already announced at the 26C3 congress, Karsten Nohl, Erik Tews and Ralf-Philipp Weinmann have released details of their cryptanalysis of the proprietary and secret encryption algorithm used with DECT (DECT Standard Cipher, DSC), an encryption commonly used with cordless phones. The analysis was carried out by reverse engineering DECT hardware and descriptions from a patent document.
Symantec will acquire encryption specialist PGP and endpoint security vendor GuardianEdge Technologies for $300 million and $70 million respectively, the company said today.
Jon Callas, who as co-founder and chief technologist of PGP helped bring strong encryption to the masses, has taken a job with Apple working on operating-system security.
Companies stand to lose their reputation, not to mention business, in cases of severe data loss. One way to prevent the inadvertent leakage of information is to go in for encryption to secure data on hard drives, flash drives and the like. Subhankar Kundu looks at the different aspects of data encryption in the corporate world.