Security Boulevard

Carelessness versus craftsmanship in cryptography

Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of ...
Threat Post

New AES Attack, 200-Year-Old Cipher Key Big Week in Crypto

It’s been quite a week in the world of cryptography. For a field in which advancements are measured in the smallest of terms and major breakthroughs can take decades, the three big news stories ...
Security Boulevard

Post-Quantum Cryptography for DKIM, PGP, and S/MIME: Quantum Threat to Email Security

Quantum computers won’t break the internet tomorrow… but they will break your email security sooner than you think. Today, cybercriminals and state-sponsored groups are quietly collecting encrypted ...
ITWire

Thales and AWS bring CipherTrust Cloud Key Manager integration to support digital sovereignty

Thales has announced its CipherTrust Cloud Key Manager integration with the AWS External Key Store, itself introduced only this week at AWS re:Invent 2022 as part of the AWS Key Management Service.
CSO Online

Why key management becomes the weakest link in a post-quantum and AI-driven security world

Stop obsessing over trendy algorithms; your sloppy key management is the real security "black hole" that AI and quantum ...
Semiconductor Engineering

The Secret World Of Ciphers

The arena of creating secure environments in the hardware and software industries is somewhat shrouded in mystery and misunderstanding. Certainly, some types of ciphers are relatively straightforward ...