Linux Cryptography - Page 26

We have thousands of posts on a wide variety of open source and security topics, conveniently organized for searching or just browsing.

How Passkey Solutions Enhance Open-Source Security

Security in open-source projects has always been a challenge. The very nature of open-source software encourages collaboration, transparency, and improvement, all of which make the system potentially more exposed to risks. ...
Nov 28, 2024
  0

Abyss Locker Ransomware Targets Linux & Windows Users

A ransomware variant dubbed "Abyss Locker" has been obs...
Mar 02, 2024
  0
24.Key Code Esm H115

Linux Foundation Joins Post-Quantum Cryptography Alliance

The Linux Foundation recently launched its partnership ...
Feb 07, 2024
  182
24.Key Code Esm H115

Discover Cryptography News

Quantum Encryption Sets Long-distance Record

Quantum Encryption Sets Long-distance Record

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

A encrypted quantum key has been transmitted over a distance of 184.6 km, which is 50% further than the previous record of 122 km. The work was done by researchers in the US, based at the Los Alamos National Laboratory (LANL) in New Mexico and the National Institute of Standards and Technology (NIST) in Boulder, Colorado (New Journal of Physics 8 193). The previous record of 122 km was set by researchers at Toshiba

Cryptography Portal

Cryptography Portal

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Cryptography is, traditionally, the study of means of converting information from its normal, comprehensible form into an incomprehensible format, rendering it unreadable without secret knowledge

Itanium, the speedy encryptor

Itanium, the speedy encryptor

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Linux kernel maintainer Linus Torvalds has charged that Itanium designers "threw out all the good parts of the x86." One emerging niche for Itanium, though, seems to be high-speed encryption and decryption. For instance, encryption and key management provider Eruces Inc. of Lenexa, Kan., is bullish on Itanium. Eruces devotes a large chunk of its business to federal intelligence agencies. The company's symmetric key management system encrypts documents, programs and databases, using a centralized KeyServer to generate and manage keys.

StrongKey - Encryption Key Management Software

StrongKey - Encryption Key Management Software

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

StrongAuth, Inc. has announced the availability of a free and open-source software product - StrongKey - designed to help enterprises manage symmetric encryption keys as a centrally managed resource. This capability, a first for the open-source community, provides implementers with independence from application-specific, operating system-specific or database-specific encryption key-management solutions.

Quantum cryptography demo is a security first

Quantum cryptography demo is a security first

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Northwestern University researchers have joined forces with BBN Technologies to demonstrate what they are calling the first truly quantum cryptographic data network. The university has combined its quantum noise-protected data-encryption technology with quantum key distribution technology from BBN on a 5.5-mile SONET link between BBN headquarters and Harvard University. Quantum cryptography uses single photons of light to distribute keys to encrypt and decrypt messages. Because quantum particles are changed by any observation or measurement, even the simplest attempt at snooping on the network interrupts the flow of data and alerts administrators.

Crypto-snake oil

Crypto-snake oil

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

The term snake oil is often used to describe cryptography that does not actually provide the level of security that its proponents claim. The origin of the term is somewhat unclear, but one story is that it can be traced back to one of the traditional remedies for joint pain and inflammation that was brought to the US in the nineteenth century by Chinese immigrants. The fat from Chinese water snakes is high in eicosapentaenic acid (EPA), which has been shown to have some medicinal properties, so there may be some basis for believing that the traditional remedy actually had useful effects. Like the effects of many medications, however, the benefits from the traditional snake oil were subtle and varied significantly from person to person, making it difficult to rigorously prove the effectiveness of the remedy.

SHA-1 hash function under pressure

SHA-1 hash function under pressure

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Cryptographic experts at the Crypto 2006 conference have demonstrated a modified method of attack against a reduced variant of the SHA-1 hash algorithm. The new method is an attack which, for the first time, allows at least a part of the message to be freely selected, for example as straight text. Previous approaches, for example the collision attack by Xiaoyun Wang and her team, which attracted considerable attention, were merely able to produce almost completely different hash twins of the same length, both consisting of meaningless gibberish.

An Illustrated Guide to Cryptographic Hashes

An Illustrated Guide to Cryptographic Hashes

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

With the recent news of weaknesses in some common security algorithms (MD4, MD5, SHA-0), many are wondering exactly what these things are: They form the underpinning of much of our electronic infrastructure, and in this Guide we'll try to give an overview of what they are and how to understand them in the context of the recent developments.A "hash" (also called a "digest", and informally a "checksum") is a kind of "signature" for a stream of data that represents the contents. The closest real-life analog we can think is "a tamper-evident seal on a software package": if you open the box (change the file), it's detected.

Foundations of Cryptography

Foundations of Cryptography

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Cryptography has been employed for keeping secrets since the time of Caesar. From the simplest ciphers of shifting letters, to mathematically provably secure ciphers of today, cryptography has progressed a long way.

U.K. police: Let us seize encryption key

U.K. police: Let us seize encryption key

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Because British law enforcement officers don't have the authority to seize encryption keys, an increasing number of criminals are able to evade justice, a senior police officer said. Suspected terrorists, pedophiles and burglars have all walked free because encrypted data couldn't be opened, Detective Chief Inspector Matt Sarti of the Metropolitan Police said Monday during a public meeting in London. "There are more than 200 PCs sitting in property cupboards which contain encrypted data, for which we have considerable evidence that they contain data that relates to a serious crime," Sarti said. "Not one of those suspects has claimed that the files are business-related, and in many cases, the names of the files indicate that they are important to our investigations."

PHP encryption for the common man

PHP encryption for the common man

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In this increasingly virtual online world, you have to be careful to protect your data. Learn the basics of encoding and encrypting important bits of information, such as passwords, credit card numbers, and even entire messages. Get an overview of what it means to encrypt and decrypt information, as well as some practical examples involving passwords and other data, using PHP's built-in functionality.

Does (password) size matter?

Does (password) size matter?

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Does size matter? The question has arisen lately on Security-Basics, a computer security mailing list hosted by SecurityFocus.com. As usual, the question comes down to physical size or mental prowess.

Crypto Tutorial Overview

Crypto Tutorial Overview

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

This page contains my godzilla crypto tutorial, totalling 509 slides in 8 parts, of which the first 7 are the tutorial itself and the 8th is extra material which covers crypto politics. Part 8 isn't officially part of the technical tutorial itself. The tutorial is done at a reasonably high level, there are about two dozen books which cover things like DES encryption done at the bit-flipping level so I haven't bothered going down to this level. Instead I cover encryption protocols, weaknesses, applications, and other crypto security-related information. Since the slides are accompanying material for a proper tutorial, there's a lot of extra context which isn't available just by reading the slides. Bear in mind that some of the claims and comments on the slides need to be taken in the context of the full tutorial. Accompanying the slides are about 150 images, unfortunately I can't make these available for copyright reasons.

Scanning USENET for Steganography

Scanning USENET for Steganography

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

After scanning two million images from eBay without finding any hidden messages, we extended the scope of our analysis. A detailed description of the detection framework can be found in Detecting Steganographic Content on the Internet. This page provides details about the analysis of one million images from the Internet Archive's USENET archive. Processing the one million images with stegdetect results in about 20,000 suspicious images. We launched a dictionary attack on the JSteg and JPHide positive images. The dictionary has a size of 1,800,000 words and phrases. The disconcert cluster used to distribute the dictionary attack has a peak performance of roughly 87 GFLOPS.

Malicious Cryptography, part one

Malicious Cryptography, part one

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

Cryptology is everywhere these days. Most users make good use of it even if they do not know they are using cryptographic primitives from day to day. This two-part article series looks at how cryptography is a double-edged sword: it is used to make us safer, but it is also being used for malicious purposes within sophisticated viruses.

Secure your email communication with free software

Secure your email communication with free software

data:image/svg+xml,%3Csvg%20xmlns=%22http://www.w3.org/2000/svg%22%20viewBox=%220%200%20100%20100%22%3E%3C/svg%3E

In this article, you'll learn how to install, setup, and use the Mozilla Thunderbird email client for secure, encrypted email using GnuPG and the Enigmail Mozilla Thunderbird extension. The examples in this article are based on Ubuntu 5.10, but any GNU/Linux-based operating system can be used. You’ll also get to tackle the basics of using GnuPG with Enigmail—just enough to get you started, as GnuPG is a very powerful suite that can extend to other applications. If you'd like to learn more about cryptography using GnuPG, the man pages are a good place to start. Don’t worry though, GnuPG is very well documented and you'll be presented with some links online at the end of this article to get you started.

Get the Latest News & Insights

Sign up to get the latest security news affecting Linux and open source delivered straight to your inbox.

© 2024 Guardian Digital, Inc All Rights Reserved