Cryptography

The Indian Controller of Certifying Authorities said that the certificate-issuance process for the National Informatics Centre of India, which issued several fraudulent certificates recently, which were blocked by Google, has been compromised and Google has decided to constrain India CCA’s root certificate to a handful of domains in a future Chrome release. Google’s security team […]

Phony digital certificates for a number of Google domains were discovered and blocked. The certs were issued by the National Informatics Centre of India and were in the Microsoft Root Store.

Encryption software has been enjoying a prolonged day in the sun for about the last year. Thanks to the revelations of Edward Snowden about the NSA’s seemingly limitless capabilities, security experts have been pounding the drum about the importance of encrypting not just data in transit, but information stored on laptops, phones and portable drives. […]

More than two months after it emerged, more than 300,000 machines on port 443 remain vulnerable to the OpenSSL Heartbleed security vulnerability.

Dennis Fisher and Mike Mimoso discuss the latest security news, including the possible fork of TrueCrypt, Microsoft’s new information sharing platform, the FBI’s cybercrime task force and the US team’s crushing tie with Portugal. Download: digital_underground_156.mp3 Music by Chris Gonsalves    

Google announced its fork of OpenSSL called BoringSSL, a version of the crypto libraries that will now import changes from OpenSSL.

Cisco has released a new open-source block cipher called FNR that is designed for encrypting small chunks of data, such as MAC addresses or IP addresses. The cipher is still in the experimental stage, but Cisco has released the source code and a demo application. The company suggests that the new cipher–called Flexible Naor and […]