The initial phase of the TrueCrypt audit has been released and 11 vulnerabilities were uncovered, but no evidence of a backdoor.
Browsing Category: Cryptography
There’s nothing the Internet loves more than a fat, juicy story that it can sink its sharpened, yellowing canines into. And for the security community, the OpenSSL heartbleed vulnerability has been the equivalent of a 72-ounce steak. But an Internet-breaking vulnerability like this one is no good unless we can learn something from it (or[...]
The list of products and sites affected by the OpenSSL heartbleed vulnerability continues to grow, and as security teams implement the patch and dig into the thornier work of revoking certificates, a new problem is emerging: It’s difficult to know whether an attacker has exploited the vulnerability on a given system.
Site operators and software vendors are scrambling to fix the OpenSSL heartbleed bug revealed Monday, a vulnerability that enables an attacker to extract 64 KB of memory per request from a server
The maintainers of the OpenSSL library, one of the more widely deployed cryptographic libraries on the Web, have fixed a serious vulnerability that could have resulted in the revelation of 64 KB of memory to any client or server that was connected.
New encryption scheme inspired by insights into the way heart and lungs communicate is substantially different than existing crypto-methods and highly resistant to conventional attacks.
Yahoo announced a number of encryption enhancements to its email and other online services, and also announced it was finally encrypting communication links between its data centers.
Dennis Fisher talks with Matthew Green of Johns Hopkins University about the paper he co-authored on the Extended Random extension for Dual EC DRBG and whether it could be considered a backdoor.
The addition of the Extended Random extension to RSA BSAFE made it trivial to crack the Dual EC random number generator, researchers said.
Academics are expected to release a study this week that demonstrates how the NSA used a second cryptographic tool in RSA BSafe crypto libraries called Extended Random to facilitate its spying efforts.