Tag Archives: cryptography

Why the Dual-EC DRBG Mechanism is Suspect

February 13, 2014 by Entrust, Inc.     No Comments

As we covered in December, special publication 800-90, released by the National Institute of Standards and Technology (NIST) in 2006, claimed that security vendor RSA and the NSA created a deal to make the dual-EC (elliptic curve) variant the default deterministic random-bit generator algorithm, or DRBG, in its commercial toolkit product. These claims introduce serious [Read More...]

Filed Under: General, Public Key Infrastructure Tagged With: dual-ec, whitepaper

The Edward Snowden Story Calls For Understanding of Encryption, Strong Identity

September 18, 2013 by Bill Conner     No Comments
This entry is part 2 of 2 in the series The Snowden Papers: Lessons to be Learned

This entry is part 2 of 2 in the series The Snowden Papers: Lessons to be LearnedEntrust’s Approach and View of Cryptography There has been tremendous press coverage over the last week or two about cryptographic systems and threats to their security. I want to take some time to share how Entrust, as a global [Read More...]

NSA Leaks Uncover Legitimate Surveillance Concerns, But Cryptographic Systems are Not One of Them

September 17, 2013 by Bill Conner     1 Comment
This entry is part 1 of 2 in the series The Snowden Papers: Lessons to be Learned

This entry is part 1 of 2 in the series The Snowden Papers: Lessons to be LearnedIntelligence Services Disclosures and the Impact on Information Security The Washington Post and other media outlets have provided extensive coverage of allegations made by Edward Snowden concerning some of the NSA’s surveillance programs. The allegations include: The NSA has [Read More...]

Alan Turing Notes on Cryptography Released

July 12, 2012 by Jon Callas     No Comments

Are there any insights left to be wrung from the code breaker’s papers?

Chris Vallance of the BBC reports that GCHQ has released some of Alan Turing’s papers on the theory of code breaking. They’re not on display at the National Archives at Kew. I’ve checked the web pages of the Archives and GCHQ, and there is as of my writing nothing up there, yet.

The two papers are titled, The Applications of Probability to Crypt” and Paper on the Statistics of Repetitions. They discuss the use of mathematics to cryptanalysis. This might seem a bit obvious now, but at the time cryptanalysis was largely done by smart people and not by machines. A code-breaker was more likely someone who was good at solving complex crossword puzzles than working with numbers. It was unusual to bring in someone like Turing to a cryptology lab.

RSA Key Generation Flaw Does Not Affect Entrust Certificates

February 16, 2012 by Jon Callas     1 Comment

The New York Times published an article by John Markoff a couple days ago, “Flaw Found in an Online Encryption Method.” Sadly, the article is behind the Times paywall. Irritatingly, it’s a very good article except for the headline, which is wrong. The flaw isn’t found in the encryption, but in some key generation. A [Read More...]

Filed Under: EV SSL, SSL, SSL Deployment Tagged With: Ben Laurie, crypto, cryptography