Linux Cryptography - Page 20

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

How Passkey Solutions Enhance Open-Source Security

Security in open-source projects has always been a challenge. The very nature of open-source software encourages collaboration, transparency, and improvement, all of which make the system potentially more exposed to risks. ...
Nov 28, 2024
  0

Abyss Locker Ransomware Targets Linux & Windows Users

A ransomware variant dubbed "Abyss Locker" has been obs...
Mar 02, 2024
  0
24.Key Code Esm H115

Linux Foundation Joins Post-Quantum Cryptography Alliance

The Linux Foundation recently launched its partnership ...
Feb 07, 2024
  182
24.Key Code Esm H115

Discover Cryptography News

A Short History of the GNU Privacy Guard

A Short History of the GNU Privacy Guard

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This was written by Werner Koch, one of the primary developers, in 2007 about the 10th anniversary of GnuPG, and includes a great summary of the export restriction difficulty, engineering without the restricted algorithms, and the improvements that were made after the Diffie-Hellman patent expired in 1997. A real classic piece of open source history. It's been a decade now that the very first version of the GNU Privacy Guard has been released. This very first version was not yet known under the name of GnuPG but dubbed "g10" as a reference on the German constitution article on freedom of telecommunication (Grundgesetz Artikel 10) and as a pun on the G-10 law which allows the secret services to bypass these constitutional guaranteed freedoms.

Schneier: Man-in-the-Middle Attacks Against SSL

Schneier: Man-in-the-Middle Attacks Against SSL

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Here is a very technical discussion of some issues involved with intercepting communications in an SSL tunnel without breaking the encryption, and how it could be used by a federal government to wiretap on citizens.. Says Matt Blaze:A decade ago, I observed that commercial certificate authorities protect you from anyone from whom they are unwilling to take money. That turns out to be wrong; they don't even do that much.

OpenSSL version 1.0.0 released

OpenSSL version 1.0.0 released

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With more than twelve years of development, the first v1.0.0 release of OpenSSL is now available. The OpenSSL project team is pleased to announce the release of version 1.0.0 of our open source toolkit for SSL/TLS. This new OpenSSL version is a major release and incorporates many new features as well as major fixes compared to 0.9.8n.

The Spy in the Middle

The Spy in the Middle

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A decade ago, I observed that commercial certificate authorities protect you from anyone from whom they are unwilling to take money. That turns out to be wrong; they don't even do that much. SSL certificates are the primary mechanism for ensuring that secure web sites -- those displaying that reassuring "padlock" icon in the address bar -- really are who they purport to be. In order for your browser to display the padlock icon, a web site must first present a "certificate", digitally signed by a trusted "root" authority, that attests to its identity and encryption keys.

New Book: Cryptography Engineering

New Book: Cryptography Engineering

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Bruce Schneier has updated Applied Cryptography. I have a new book, sort of. Cryptography Engineering is really the second edition of Practical Cryptography. Niels Ferguson and I wrote Practical Cryptography in 2003. Tadayoshi Kohno did most of the update work

Noted cryptographer on SSL, encryption and cloud computing

Noted cryptographer on SSL, encryption and cloud computing

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In this wide ranging interview, cryptographer, Taher Elgamal, chief security officer of Axway Inc. and the inventor and initial driving force behind SSL, explains how applications may be better adapted to defend against attacks and how cloud computing may alter data protection and authentication. The SSL protocol will be updated to prevent man-in-the-middle attacks, but researchers need to find better ways to prevent malware from getting on PCs in the first place, Elgamal said. Better security at the browser layer and a greater focus on Web application security could help prevent future attacks, he said. End-to-end encryption is a marketing term that doesn't hold much weight, Elgamal said.

How to: Set Up TrueCrypt Disk Encryption, Part 2

How to: Set Up TrueCrypt Disk Encryption, Part 2

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In the first installment of this two-part tutorial series, we learned some of the basics of configuring TrueCrypt, a free open source disk encryption tool, similar to the BitLocker feature in the Enterprise and Ultimate editions of Windows. After outlining the three different encryption methods, we configured the easiest method--file container.

Researchers Claim RSA Authentication Crack

Researchers Claim RSA Authentication Crack

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Researchers at the University of Michigan say they have uncovered a way to circumvent encryption used on many devices. The research is the work of Valeria Bertacco, Todd Austin and Andrea Pellegrini. According to their paper, entitled 'Fault-Based Attack of RSA Authentication' (PDF), the trio demonstrated a way to beat the popular encryption method, which is used in media players, laptop computers, smartphones and other devices.

Researchers discovery could lead to super crypto chips

Researchers' discovery could lead to super crypto chips

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Crystals could lead to super security chips that would make extraction of data more complex and so more difficult for attackers to decrypt. Researchers at Florida State University have discovered crystals that could lead to super security chips as well as contribute to the discovery of materials that expand the capacity of electronic storage devices by 1,000 to 1 million times.

File encryption made easy

File encryption made easy

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Here's a great short article on the encryption techniques for Windows. What alternatives are there for Linux that you use? Have you tried filesystem encryption? Would you, if it were easy? Do you have anything that would need such a level of security? Windows passwords are all too easy to crack, and malware can give the wrong people access to your system. You need to encrypt your key files and passwords, but that can be a lot easier than it sounds with these very simple tools. Would you like to share your experiences with using encryption on Linux? Email us and let us know.

Hacker extracts crypto key from TPM chip

Hacker extracts crypto key from TPM chip

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

An American hacker has, with a great deal of effort, managed to crack a Trusted Platform Module (TPM) by Infineon. He was able to read the data stored on the TPM chip, for instance cryptographic keys (RSA, DES) such as those also used by Microsoft's BitLocker on appropriate motherboards.

Introduction to OpenPGP

Introduction to OpenPGP

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Are you looking for a safe way to encrypt your files and messages? What if there is a method that can do all that and more and yet it is FREE to use? If you are interested, keep reading to know about encrypting and exchanging files safely with GPG and PGP.

How Fedora protects your data with full disk encryption

How Fedora protects your data with full disk encryption

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Disk encryption in one of the most overlooked and underused security tools in computing. When most people think about securing a computer or the operating system that powers it, a firewall, anti-virus, and other anti-malware software comes to mind. Those are all good and necessary tools, but they are only concerned with network security. What about physical security? What happens if someone gains unauthorized, physical access to your computer? Even with all the fancy firewall and other network security tools running, If the disk is not encrypted, check mate! Your data is now shared.

Online Credit/Debit Card Security Failure

Online Credit/Debit Card Security Failure

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Ross Anderson reports (via Bruce Schneier blog): Online transactions with credit cards or debit cards are increasingly verified using the 3D Secure system, which is branded as "Verified by VISA" and "MasterCard SecureCode". This is now the most widely-used single sign-on scheme ever, with over 200 million cardholders registered. It's getting hard to shop online without being forced to use it.

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved