InfoQ Homepage Cryptography Content on InfoQ
-
TLS 1.2 Becoming the Minimum TLS Protocol Level on AWS
AWS recently announced that TLS 1.2 is going to become the minimum protocol level for API endpoints. The cloud provider will remove backward compatibility and support for versions 1.0 and 1.1 on all APIs and regions by June 2023.
-
GitHub to Phase out Support for Git Protocol, DSA Keys and Legacy SSH Algorithms
With a strong focus on having customer data as secure as possible, GitHub has decided to remove support for the unencrypted Git protocol, DSA keys and some legacy SSH algorithms. Also, it is adding requirements for newly added RSA keys and providing support for ECDSA and Ed25519 host keys SSH. These changes might affect only SSH and git:// users, while the https:// users will be unaffected.
-
Deno Improves Support for Web APIs: Cryptography, Messaging, Networking, and More
The recent versions of Deno improved web API support in the cryptography, networking, and messaging areas. Deno 1.11 introduced support for the Web Crypto APIs and BroadcastChannel APIs. Deno 1.12 added support for the MessageChannel and MessagePort portions of the Channel Messaging API. Deno 1.13 implements the navigator.hardwareConcurrency API.
-
Post-Quantum Cryptography: Q&A with Jean-Philippe Aumasson
While quantum computing is still in its infancy, post-quantum cryptography is a field of growing interest for companies and research institutions. InfoQ has spoken with cryptography researcher Jean-Philippe Aumasson to understand where post-quantum crypto is headed.
-
The Pillars of Future Cryptography at IBM
In a recent webinar, IBM summarized the latest advances in cryptographic technologies the company has been working on, including confidential cryptography, quantum-safe encryption, and fully homomorphic cryptography.
-
Linux Foundation Sigstore Aims to Be the Let's Encrypt of Code Signing
Backed by the Linux Foundation, Sigstore aims to provide a non-profit service to foster the adoption of cryptographic signing by open source projects to make the software supply chain more secure.
-
Swift Crypto Brings Apple CryptoKit API to Server-Side Swift
Swift Crypto is a new open-source library for Swift that aims to provide a common API for cryptographic operations on all supported platforms. On macOS, Swift Crypto leverage Apple's CryptoKit framework, while BoringSSL is used for all other platforms.
-
Microsoft Patches Severe Crypto32.dll Vulnerability
Microsoft has released patches for various versions of Windows 10 and Windows Server 2019 and 2016 to fix a severe vulnerability affecting system validation of Elliptic Curve Cryptography (ECC) certificates. This vulnerability enables an attacker to spoof the validity of a certificate chain and signature validation and requires prompt patching.
-
BLAKE3 Is an Extremely Fast, Parallel Cryptographic Hash
BLAKE3 is the most recent evolution of the BLAKE cryptographic hash function. Created by Jack O'Connor, Jean-Philippe Aumasson, Samuel Neves, and Zooko Wilcox-O'Hearn, BLAKE3 combines general purpose cryptographic tree hash bao with BLAKE2 to provide a big performance improvement over SHA-1, SHA-2, SHA-3, and BLAKE2.
-
Poor Random Number Generation Makes 1 in Every 172 RSA Certificates Vulnerable
Research report by firm KeyFactor shows many IoT and network devices are using weak digital certificates that make them vulnerable to attack. Researchers Jonathan Kilgallin and Ross Vasko analyzed 75 million RSA certificates and found 1 in 172 keys share a factor with another, which means they can be easily cracked.
-
Cloudflare CIRCL Experiments in Post-Quantum Cryptography
Cloudflare has open-sourced CIRCL (Cloudflare Interoperable, Reusable Cryptographic Library), a collection of algorithms for post-quantum (PQ), elliptic curve cryptography, and hashing for prime groups.
-
Tink is Google Cryptographic Library for the Cloud, Android, and iOS
Tink is a multi-language, cross-platform cryptographic library developed by a group of cryptographers and security engineers at Google to help developers implement cryptography correctly without being cryptographic experts. Under development for the last two years, version 1.2 adds support for Cloud, Android, and iOS platforms, and C++ and Objective-C.
-
Microsoft Announces Coco Framework for Enterprise Blockchain Networks
In a recent blog post, Microsoft announced a new open framework, called Coco, which targets enterprise consortium networks. The framework sits on top of existing blockchain platforms, such as Ethereum, and focuses on improving network throughput, adding new confidentiality models, network policy management and support for non-deterministic transactions.
-
Google, Microsoft, and Mozilla Urge Site Operators to Replace SHA–1 Certificates
Following their SHA–1 deprecation plans announced last year, Google, Microsoft, and Mozilla detailed recently their timelines to remove support for SHA–1 certificates from their flagship browsers. Researchers at security firm Venafi found however, that 35% of analyzed websites are still using SHA–1 certificates.
-
.NET Framework 4.6.2 Delivers WPF and Security Improvements
The latest release of the .NET Framework provides several new features centered around WPF and security- including some long-awaited improvements to ClickOnce deployed applications. Microsoft released a preview of .NET Framework 4.6.2 back in late March and now developers can take advantage of the release’s new features in their own projects.