Enhancing TLS Security: Google Adds Quantum-Resistant Encryption in Chrome 116

By THN — August 11^th 2023 at 12:22

Google has announced plans to add support for quantum-resistant encryption algorithms in its Chrome browser, starting with version 116. "Chrome will begin supporting X25519Kyber768 for establishing symmetric secrets in TLS, starting in Chrome 116, and available behind a flag in Chrome 115," Devon O'Brien said in a post published Thursday. Kyber was chosen by the U.S. Department of Commerce's

The Hacker News

Experts Discover Flaw in U.S. Govt's Chosen Quantum-Resistant Encryption Algorithm

By Ravie Lakshmanan — March 6^th 2023 at 08:30

A group of researchers has revealed what it says is a vulnerability in a specific implementation of CRYSTALS-Kyber, one of the encryption algorithms chosen by the U.S. government as quantum-resistant last year. The exploit relates to "side-channel attacks on up to the fifth-order masked implementations of CRYSTALS-Kyber in ARM Cortex-M4 CPU," Elena Dubrova, Kalle Ngo, and Joel Gärtner of KTH

Naked Security

US passes the Quantum Computing Cybersecurity Preparedness Act – and why not?

By Paul Ducklin — December 29^th 2022 at 20:45

Cryptographic agility: the ability and the willingness to change quickly when needed.

sc-daa-1200

The Hacker News

Cyber Criminals Using Quantum Builder Sold on Dark Web to Deliver Agent Tesla Malware

By Ravie Lakshmanan — September 28^th 2022 at 12:36

A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT). "This campaign features enhancements and a shift toward LNK (Windows shortcut) files when compared to similar attacks in the past," Zscaler ThreatLabz researchers Niraj Shivtarkar and Avinash Kumar said in a Tuesday write-up.  Sold on the dark web for

Naked Security

S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]

By Paul Ducklin — August 11^th 2022 at 14:34

Latest episode - listen now! (Or read the transcript if you prefer.)

Naked Security

Post-quantum cryptography – new algorithm “gone in 60 minutes”

By Paul Ducklin — August 3^rd 2022 at 18:55

And THIS is why you don't knit your own home-made encryption algorithms and hope no one looks at them.

The Hacker News

Single-Core CPU Cracked Post-Quantum Encryption Candidate Algorithm in Just an Hour

By Ravie Lakshmanan — August 3^rd 2022 at 16:09

A late-stage candidate encryption algorithm that was meant to withstand decryption by powerful quantum computers in the future has been trivially cracked by using a computer running Intel Xeon CPU in an hour's time. The algorithm in question is SIKE — short for Supersingular Isogeny Key Encapsulation — which made it to the fourth round of the Post-Quantum Cryptography (PQC) standardization

Naked Security