Dear Reader,
We all use it every day, we rely on it to keep out online activities safe – from our chat messages to bank transactions. Encryption plays a vitally important role in our life. And yet, it is constantly under attack, not just from hackers trying to break it for personal gain, but also from state actors. In this month's newsletter, we look back at recent security news on the topic of encryption.
Far-out quantum threat
In a somewhat reassuring piece of news this week, Bruce Schneier points to a research paper analyzing the size of quantum computers required to break 256-bit elliptic curve public-key cryptography. The authors determine that, in order to break encryption within one hour, 317,000,000 qubits would be necessary. As of today, the most powerful quantum computers operate in the low one hundred range.
Careful when rolling your own crypto
Of course, no need for powerful quantum computers if the algorithm implementation is flawed. Samsung was at the center of another recently published piece of security research, which claims to have discovered a flaw in one of the company's trusted application in charge of cryptographic operations. The researchers estimate there were around 100 million affected devices at the time of their initial discovery in 2021.
PR attack on end-to-end encryption
Today's prevalence of encrypted messaging is in part driven by consumers seeking out applications that keep their information secure and private - something that doesn’t always align with the interests of law enforcement and intelligence agencies. Last month, RollingStone learned that the UK government is trying to influence public opinion on end-to-end messengers with a PR campaign. A worrying reminder to all of us security professionals out there to raise awareness within our social circle and educate the non-tech-savvy, about why effective security is critically important.
Balancing online safety and privacy
To counter abuse that is happening online without undermining the security of every user through the use of backdoors, several different approaches exist. Although none is a silver bullet that solves the issue for every piece of content, in every format, on every platform. Clearly, more has to be done to fight online abuse and toxic web content and it's likely going to involve more than just one single approach.
Ethics of the Zero Day trade
When backdoors and Zero Day vulnerabilities fall into the wrong hands, they endanger people's security and even their physical safety. In his latest article for Cybersecurity Magazine, Tom Madsen shares his view on the ethics of the Zero Day trade and why disclosing vulnerabilities responsibly is the moral thing to do.
Cybersecurity Magazine Editorial Team
----------------
The Second Privacy-Enhancing Technology Summit is here to help give clear insight on the commercial potential of PETs.
Speaker companies include SAP, Swiss Life Global, LG Technology Ventures and MPC Alliance.
Join us for April 5-6 in Zurich, Switzerland to network with industry professionals who are at the forefront of demystifying the commercial, regulatory, and technical opportunities and challenges surrounding Privacy-Enhancing Technologies. Plus save 10% on all passes when you quote CSM10 on checkout!
-----------------
For our latest video discussions please see the River Publishers YouTube.
The latest journal articles from River Publishers in all areas of cyber security can be found on the River Publishers website.
If you are interested in authoring a book on cybersecurity, or a related topic, please see the River Publishers website.
https://cybersecurity-magazine.com/
https://www.linkedin.com/showcase/cybersecuritymagazine
@magcybersec
https://www.facebook.com/Cybersecurity-Magazine-100535232117942