cryptography
The Race is on to Solve the Quantum Computing Security Challenge
Quantum computing has long been a topic of intense research and debate, particularly regarding its potential impact on current cryptographic systems ...
Simson Garfinkel on Spooky Cryptographic Action at a Distance
Excellent read. One example: Consider the case of basic public key cryptography, in which a person’s public and private key are created together in a single operation. These two keys are entangled, ...
Practical Advice for PQC Migration for TLS 1.3
Numerous blogs and articles are urging security professionals to start migrating to quantum-resistant algorithms immediately. This urgency was heightened on August 13, 2024, when NIST finalized the FIPS 203 (ML-KEM), FIPS 204 ...
What You Need to Know About “Harvest-Now, Decrypt-Later” Attacks
As quantum computing leapfrogs at great speed, the spotlight is now on post-quantum cryptography (PQC). Recently, NIST released the first three PQC encryption algorithm standards, urging organizations to test the new algorithms ...
Friends don’t let friends reuse nonces
By Joe Doyle If you’ve encountered cryptography software, you’ve probably heard the advice to never use a nonce twice—in fact, that’s where the word nonce (number used once) comes from. Depending on ...
Microsoft Is Adding New Cryptography Algorithms
Microsoft is updating SymCrypt, its core cryptographic library, with new quantum-secure algorithms. Microsoft’s details are here. From a news article: The first new algorithm Microsoft added to SymCrypt is called ML-KEM. Previously ...
The First Set of Post-Quantum Cryptography Standards Are Out. What Should You Do Next?
Recently, NIST made a significant announcement, releasing the first set of post-quantum encryption standards, born out of an 8-year effort to develop cryptographic algorithms that can withstand attacks from both quantum and ...
Understanding Quantum Threats and How to Secure Data with Post-Quantum Cryptography
Post-Quantum Cryptography (PQC) is a new generation of encryption algorithms for protecting data against powerful quantum computers. Quantum computers use quantum mechanics to solve complex problems much faster than traditional computers. With ...
Quantum Computing and the Risk to Classical Cryptography
The recent standardization of first three post-quantum cryptography (PQC) encryption and digital signature algorithms by the U.S. National Institute of Standards and Technology (NIST) has officially kicked off the race to PQC ...
“YOLO” is not a valid hash construction
By Opal Wright Among the cryptographic missteps we see at Trail of Bits, “let’s build our own tool out of a hash function” is one of the most common. Clients have a ...
