Cryptography Content on InfoQ
-
Swift Crypto Brings Apple CryptoKit API to Server-Side Swift
Swift Crypto is a new open-source library for Swift that aims to provide a common API for cryptographic operations on all supported platforms. On macOS, Swift Crypto leverages Apple's CryptoKit framework, while BoringSSL is used for all other platforms.
-
Microsoft Patches Severe Crypto32.dll Vulnerability
Microsoft has released patches for various versions of Windows 10 and Windows Server 2019 and 2016 to fix a severe vulnerability affecting system validation of Elliptic Curve Cryptography (ECC) certificates. This vulnerability enables an attacker to spoof the validity of a certificate chain and of signature validation, and it requires prompt patching.
-
BLAKE3 Is an Extremely Fast, Parallel Cryptographic Hash
BLAKE3 is the most recent evolution of the BLAKE cryptographic hash function. Created by Jack O'Connor, Jean-Philippe Aumasson, Samuel Neves, and Zooko Wilcox-O'Hearn, BLAKE3 combines the general-purpose cryptographic tree hash Bao with BLAKE2 to provide a big performance improvement over SHA-1, SHA-2, SHA-3, and BLAKE2.
-
Poor Random Number Generation Makes 1 in Every 172 RSA Certificates Vulnerable
A research report by the firm KeyFactor shows that many IoT and network devices are using weak digital certificates that make them vulnerable to attack. Researchers Jonathan Kilgallin and Ross Vasko analyzed 75 million RSA certificates and found that 1 in 172 keys share a factor with another, which means they can be easily cracked.
-
Cloudflare CIRCL Experiments in Post-Quantum Cryptography
Cloudflare has open-sourced CIRCL (Cloudflare Interoperable, Reusable Cryptographic Library), a collection of algorithms for post-quantum (PQ), elliptic curve cryptography, and hashing for prime groups.
-
Tink is Google Cryptographic Library for the Cloud, Android, and iOS
Tink is a multi-language, cross-platform cryptographic library developed by a group of cryptographers and security engineers at Google to help developers implement cryptography correctly without being cryptographic experts. Under development for the last two years, version 1.2 adds support for Cloud, Android, and iOS platforms, and C++ and Objective-C.
-
Microsoft Announces Coco Framework for Enterprise Blockchain Networks
In a recent blog post, Microsoft announced a new open framework, called Coco, which targets enterprise consortium networks. The framework sits on top of existing blockchain platforms, such as Ethereum, and focuses on improving network throughput, adding new confidentiality models, network policy management and support for non-deterministic transactions.
-
Google, Microsoft, and Mozilla Urge Site Operators to Replace SHA-1 Certificates
Following their SHA-1 deprecation plans announced last year, Google, Microsoft, and Mozilla recently detailed their timelines to remove support for SHA-1 certificates from their flagship browsers. Researchers at security firm Venafi found, however, that 35% of analyzed websites are still using SHA-1 certificates.
-
.NET Framework 4.6.2 Delivers WPF and Security Improvements
The latest release of the .NET Framework provides several new features centered around WPF and security, including some long-awaited improvements to ClickOnce deployed applications. Microsoft released a preview of .NET Framework 4.6.2 back in late March and now developers can take advantage of the release’s new features in their own projects.
-
Microsoft Introduces Project Bletchley: A Modular Blockchain Fabric
On June 15th, Microsoft announced their vision for an open blockchain platform which will be powered by Azure. Microsoft is calling this initiative Project Bletchley, which focuses on providing the architectural building blocks for constructing an Enterprise Consortium Blockchain Ecosystem.
-
Postponing the Retirement of SHA-1
The retirement of SHA-1 faces obstacles from the access needs of users who have yet to upgrade. Facebook, Twitter, and CloudFlare have proposed an interim solution for users of these legacy devices.
-
Apple Open-sources Three Cryptographic Libraries
Apple has announced that they have open-sourced three major components of their OSes’ security subsystem. Apple’s announcement has stirred some controversy due to the restrictive nature of the license used for one of the libraries.
-
GitHub Revoked Compromised and Unsecure SSH Keys
GitHub has recently started revoking SSH keys that were deemed to be compromised or otherwise insecure. Systems engineer Ben Cartwright-Cox was the author of the research that uncovered the issues. InfoQ has spoken with him.
-
ZeroDB Internals and End-To-End Database Encryption
In an article published on their blog, the ZeroDB team explains how it works. ZeroDB is an end-to-end encrypted database, which means that the database server does not need to be secure for the data to be safe. This works by pushing the query logic down to the client. The client also holds the decryption keys for data. The client encrypts data with a symmetric key at time of creation
-
Chrome Sets SHA-1 Expiration Date
Google's Chrome web browser team has announced a schedule to deprecate the browser's support for HTTPS certificates that use SHA-1 signatures. Over the next 6 months, the browser will show increasingly noticeable warnings for sites that still use SHA-1.