InfoQ Homepage Cryptography Content on InfoQ
-
GitHub to Phase out Support for Git Protocol, DSA Keys and Legacy SSH Algorithms
With a strong focus on having customer data as secure as possible, GitHub has decided to remove support for the unencrypted Git protocol, DSA keys and some legacy SSH algorithms. Also, it is adding requirements for newly added RSA keys and providing support for ECDSA and Ed25519 host keys SSH. These changes might affect only SSH and git:// users, while the https:// users will be unaffected.
-
Cloud Providers Publish Ransomware Mitigation Strategies
In the last few weeks AWS, Azure and Google Cloud have posted articles and documentation with suggestions on ransomware mitigation techniques on the cloud, highlighting the main protections and recovery preparation actions.
-
Deno Improves Support for Web APIs: Cryptography, Messaging, Networking, and More
The recent versions of Deno improved web API support in the cryptography, networking, and messaging areas. Deno 1.11 introduced support for the Web Crypto APIs and BroadcastChannel APIs. Deno 1.12 added support for the MessageChannel and MessagePort portions of the Channel Messaging API. Deno 1.13 implements the navigator.hardwareConcurrency API.
-
WhatsApp Adopts the Signal Protocol for Secure Multi-Device Communication
WhatsApp is testing its new architecture aimed to enable true multi-device message synchronization while preserving end-to-end cryptographic security. To this aim, WhatsApp is adopting the Signal protocol.
-
Microsoft Announces Public Preview of Bastion Standard SKU
Azure Bastion is a fully-managed Platform as a Service (PaaS) solution providing customers a secure way to connect to a virtual machine using a browser and the Azure portal. Recently, the company announced the public preview of the second Stock Keeping-Unit (SKU) called Standard.
-
Google Open-Sources Fully Homomorphic Encryption Transpiler
Google has open-sourced a general-purpose transpiler able to convert high-level code to be used with Fully Homomorphic Encryption (FHE).
-
AWS Key Management Service Introduces Multi-Region Keys
AWS has recently announced the availability of KMS multi-region keys, a new feature for client-side applications that makes encrypted data portable across regions.
-
Google Cloud Improves SLA for Bigtable and Adds New Security Features
Google Cloud has recently raised the availability SLA for Bigtable instances up to 99.999%, matching the SLA for Firestore and Cloud Spanner. The data storage system introduced as well two new security features for enterprise workloads, customer-managed encryption keys (CMEK) and data access audit logs.
-
GitHub Reacts to Growing Cryptocurrency Mining Attacks Using GitHub Actions
In response to the recent surge in cryptocurrency mining attacks, GitHub has changed how pull requests from public forks are handled in GitHub Actions to prevent abuse.
-
Post-Quantum Cryptography: Q&A with Jean-Philippe Aumasson
While quantum computing is still in its infancy, post-quantum cryptography is a field of growing interest for companies and research institutions. InfoQ has spoken with cryptography researcher Jean-Philippe Aumasson to understand where post-quantum crypto is headed.
-
The Pillars of Future Cryptography at IBM
In a recent webinar, IBM summarized the latest advances in cryptographic technologies the company has been working on, including confidential cryptography, quantum-safe encryption, and fully homomorphic cryptography.
-
Linux Foundation Sigstore Aims to Be the Let's Encrypt of Code Signing
Backed by the Linux Foundation, Sigstore aims to provide a non-profit service to foster the adoption of cryptographic signing by open source projects to make the software supply chain more secure.
-
Filecoin Aims to Use Blockchain to Make Decentralized Storage Resilient and Hard to Censor
Launched in 2017, Filecoin is an open-source decentralized storage network that uses blockchain to implement a cooperative digital storage and data retrieval solution. InfoQ has spoken with Filecoin software engineer Aayush Rajasekaran, who built Filecoin's Lotus implementation.
-
The Cloud Trust Paradox According to Google Cloud
In a series of three technical articles, Google Cloud has recently discussed how to trust cloud providers, covering the concepts of customer trust, security key management and scenarios where keeping encryption keys off the cloud may be necessary.
-
Five Years of Lets Encrypt
Five years ago, a non-profit organisation set up a public certificate authority, with the intent of enabling websites to become more secure by default through automated provisioning of TLS certificates. Five years later, and Lets Encrypt is putting together its own top-level root CA, which will be served by default next year - but some older Android versions won't be able to use it.