Monthly Archives: August 2017

New Bitcoin regulations shake up Washington state’s cryptocurrency industry – GeekWire

Posted on by

BigStock Image / Inked Pixels

Bitcoin has been gradually shedding its reputation as a fringe investment, as its value zig-zags into the stratosphere, and it becomes accepted by businesses such as Expedia and Microsoft. But while financiers have been paying more and more attention to cryptocurrencies, so have state governments.

On July 23, Washington became the latest state to regulate the digital currency market, ostensibly to protect consumers. The bill establishing the regulations, passed by the state legislature in April, has prompted both scorn and praise within the cryptocurrency community, and has led some Bitcoin-related businesses to shut down their Washington operations rather than comply.

The bills primary targets are digital exchanges, which allow customers to trade and deposit their Bitcoin, Ethereum, and other currencies. Every exchange with Washington customers must now operate under the states money transmitter laws, which have traditionally applied to businesses like Western Union. That includes an obligation to be licensed by the states Department of Financial Institutions, and to maintain virtual currency reserves equal to the funds they retain on behalf of customers.

In addition, exchanges must agree to third-party security audits of their systems, and post surety bonds of between $10,000 and $550,000, which work as security deposits in the event customers deserve compensation from an exchange.

We had these old regulations for money transmitters in the state, and they were clearly meant for older business models, said Charles Clark, who helped craft the new laws at the Department of Financial Institutions. The virtual currency industry had issue with that. This gives them some clarification and guidance.

Shortly after the regulations were signed into law, exchanges such as Bitfinex, Bitstamp, Kraken, and Poloniex pulled out of the state, and informed Washington customers they needed to take their business elsewhere. In a statement, Kraken said that while revenue continues to grow, operating costs have become prohibitive, primarily due to the high cost of continuing to meet the regulatory compliance requirements imposed by the state. Unfortunately it has become impractical for us to operate in Washington and we must discontinue service for all residents.

Others have taken to Reddit to respond to the regulations, accusing Washington of having a cryptohating legislature and being a very sorry state for any forward-thinking, technology enthusiast individual to reside in.

Clark said hes followed the online conversation and the news of exchange closures. He downplayed the fallout, noting that Washington issued a regulatory guidance paper on virtual currencies in 2014, and that new regulations are similar to those found in states like New York or North Carolina.

This legislation shouldnt have come as a surprise at all, said Clark.

Washingtons new policies were formed through discussions with a range of cryptocurrency industry groups, licensees, trade associations, the Chamber of Digital Commerce, and companies involved in the space, Clark said.

One of the companies participating in these discussions was Coinme, which operates Bitcoin ATMs in Washington, provides wallet services and facilitates the exchange of virtual currencies in 18 states and internationally. Coinme CEO Neil Bergquist praised Washington states approach, calling Washington a leader among the 50 states on regulating virtual currencies, and early on the draw in providing guidance to companies. He predicted the exchanges leaving the state wouldnt make too many waves.

As long as there are still some (exchanges) standing at the end of it, I think it will have a somewhat minimal impact on consumers, said Bergquist, who pointed out that the largest exchange, Coinbase, is still operating in Washington.

The cryptocurrency industry has been a boon to the state economy, Bergquist said, creating high-paying jobs and a number of new millionaires in recent years. But even as it gains in popularity, its still confusing and arcane to many government officials. Lawmakers must recognize the gaps in their knowledge, he said, or risk squashing innovation.

There are some states whose approach is unfortunate, and some are doing a better job because they actually do the work to understand it, Bergquist said. Its important that regulators, entrepreneurs, and customers are all part of that dialogue.

Where some governments have addressed the burgeoning cryptocurrency industry with regulations, others have taken a different approach. This past June, for example, Montana awarded a $416,000 grant to a Bitcoin mining firm, and Nevada passed a law specifically prohibiting Bitcoin transactions from being taxed.

Read more from the original source:
New Bitcoin regulations shake up Washington state's cryptocurrency industry - GeekWire

WikiLeaks Posts Leaked Emails From Emmanuel Macron’s Presidential Campaign – TIME

Posted on by

French President Emmanuel Macron makes a speech following a church service marking the first anniversary of the killing the French Catholic priest Jacques Hamel by two jihadists, in Saint-Etienne-du-Rouvray, in Normandy, northern France on July 26, 2017. DAMIEN MEYERAFP/Getty Images

Updated: Jul 31, 2017 11:43 PM ET

(PARIS) Roughly 20,000 emails allegedly stolen from French President Emmanuel Macron's campaign have been digitally verified and published to WikiLeaks, the group said Monday.

The emails caused a stir when they were initially published just two days before France's May 7 presidential runoff, which pitted Macron against French far-right leader Marine Le Pen. But unlike the leaks that rattled the 2016 American presidential race, the French email leak had little if any impact and Macron still handily beat Le Pen. The messages have since been picked over by the French press, although WikiLeaks' move may draw new attention to them.

In a statement, Macron's political party accused WikiLeaks of taking up the "destabilization operation" launched in May and said it would inform prosecutors.

The question of who was responsible for the initial leak of the Macron campaign emails remains unsolved.

The head of France's cybersecurity agency ANSSI said in June there was no evidence tying the hacking of the Macron campaign emails to any particular actor, saying it "really could be anyone."

WikiLeaks said it verified its batch of emails using DomainKeys Identified Mail or DKIM signatures, a cryptographic protocol that acts like a digital shipping manifest and has become an increasingly popular way for researchers and tech-savvy journalists to prove that emails are authentic.

WikiLeaks said the rest of the emails about 50,000 of them were being included "for context."

Visit link:
WikiLeaks Posts Leaked Emails From Emmanuel Macron's Presidential Campaign - TIME

Fired Donald Trump spin doctor Anthony Scaramucci just followed WikiLeaks founder Julian Assange on Twitter – Mirror.co.uk

Posted on by

Donald Trump's former communications chief Anthony Scaramucci, who was fired after just 10 days in his job, just followed WikiLeaks founder Julian Assange on Twitter.

The former White House communications director is known for following a lot of people on the social network - more than 168,000 at the time of writing.

But following the world's most notorious handler of stolen government information just days after being very publicly ousted from the White House is bound to raise a few eyebrows in Washington.

Last night it emerged Scaramucci had been duped by a British prankster into a seething argument with someone he appeared to believe was former White House Chief of Staff, Reince Priebus.

Apparently convinced he was corresponding with the real Priebus, Scaramucci said his former boss had been hurtful.

He wrote: You know what you did. We all do. Even today. But rest assured we are prepared. A Man would apologise.

The fake Priebus wrote back: I can't believe you are questioning my ethics! The so called 'Mooch', who can't even manage his first week in the White House without leaving upset in his wake. I have nothing to apologize for."

Trumps then-comms chief said Priebus should read more Shakespeare, particularly revenge play Othello.

Scaramucci has previously spoken positively about Assange's information clearing house.

In a Tweet last October, long before Trump made him Director of Communications, he said: "WikiLeaks became the fourth estate in 2016."

Ahead of November's US presidential election, WikiLeaks released a cache of email stolen from the Democratic National Committee, which US intelligence services believe had been given to Assange by Russian hackers.

The email dump was hugely damaging to Hillary Clinton 's campaign, and many credit it with securing Trump's victory.

The Mirror has contacted Mr Scaramucci for comment.

See the rest here:
Fired Donald Trump spin doctor Anthony Scaramucci just followed WikiLeaks founder Julian Assange on Twitter - Mirror.co.uk

Phone Companies Introduce Non-Removable Batteries After Edward Snowden Warning – Sputnik International

Posted on by

In 2014 US whistleblower Edward Snowden revealed the National Security Agency and GCHQ could turn on smartphones remotely, even when they were switched off. Now, three years later, several smartphone manufacturers have started introducing non-removable batteries. Is it a coincidence?

In June 2013, Snowden revealed the NSA was collecting the phone records ofmillions ofVerizon customers inthe US using a secret court order, and had also tapped the phones ofdozens ofworld leaders, including Germany's Chancellor Angela Merkel.

Snowden was threatened withprosecution inthe US, and fled toRussia, where he was granted asylum two years later.

The followingyear he gave an interview inwhich he explained how the NSA, and Britain's GCHQ, had the capability touse smartphones likebugs ina room.

They were able toswitch onpeople's phones and listen tothem remotely withoutthem being aware, he said.

"They can absolutely turn them onwith the power turned offto the device," Snowden said.

He said the intelligence agencies could gain access toa handset bysending it an encrypted text message and could even use the phone's camera withoutthe owner's knowledge.

The Washington Post had reported the NSA had introduced this feature tohelp US forces hunting al-Qaeda insurgents inIraq.

Earlier this year,WikiLeaks exposed a CIA program aimed athacking computers, mobile phones and even smart TVs fromcompanies likeApple, Google, Microsoft and Samsung, using techniques users could neither detect nor disable byresetting their devices.

After Snowden's little revelation some people who were extremely concerned aboutgovernment surveillance including criminals and terrorists began removing the batteries entirely fromtheir devices.

Now a number ofsmartphones, likethe Samsung A5, have come onthe market inthe UK, US and elsewhere, which have batteries which cannot be removed.

Some conspiracy theorists might jump tothe conclusion that they have been pressured bythe intelligence agencies toensure smartphones can always be spied on.

"Seemingly the main reason is waterproofing, butthey have already achieved that witha removable battery inthe S5," Tonny Be, a technology expert, told Sputnik.

"The heads ofGoogle and several other phone/tech manufacturers have been documented inthe media ashaving visited the White House duringthe Obama era," he told Sputnik.

"Advancement ofnon-removable batteries started toinvade the mobile market coincidence or plan tokeep everyone onthe grid while milking money outof them withneutered devices while keeping those same devices 'always on' tobe spied uponby the powers that be?" Mr. Be said.

"You decide: conspiracy theory lunacy or nice, complete, neatly-wrapped package ofevidence being touted ascoincidence?" he added.

"I figure if the powers that be ever admit toit being a collective effort that was forced uponmanufacturers or possibly agreed uponto be tactically put inplay, they'll spin it inas a preventive terrorist measure," Mr. Be concluded.

Go here to read the rest:
Phone Companies Introduce Non-Removable Batteries After Edward Snowden Warning - Sputnik International

‘Tragedy Of Policy’: Snowden Calls Out Putin For Ban On Portion of Internet – The Daily Caller

Posted on by

Edward Snowden criticized a decision made Sunday by Russian President Vladimir Putinto ban technology that helps users circumvent censored web content.

Millions of peoplewithin Russiacan no longer lawfully utilize virtual private networks (VPNs)because of the new decree, which was already endorsed by Duma, the legislative body. VPNs empower users with the ability to navigate the web anonymously through an encrypted, secure connection.

Snowden, the former NSA contractor turned whistleblower who fled the U.S. in 2013, laid out his arguments against such a dictatorially-imposed mandatein a series of tweets one of his primarymethods of communication while taking refuge in Russia.

Snowden even referred to the lawas a tragedy of policy.

Its no surprise that Putin would be aiming to block their proliferation, Ryan Hagemann,director of technology policyat the think tank, the Niskanen Center, explained to The Daily Caller News Foundation (TheDCNF). While hes probably concerned about the use of VPNs in accessing non-Kremlin-approved web content, his greater worry is their use in circumventing the FSB [Federal Security Service of the Russian Federation] and other Russian security agencies.

Those agencies tend to keep pretty tight tabs on state dissidents and even run-of-the-mill journalists and activists who object to his regimes ill-treatment of the press and basic civil liberties, he added. Limiting access to VPNs means Putins opponents have fewer channels to communicate and share information that may reflect poorly on his regime.

William Rinehart, director of technology and innovation policy at American Action Forum, agrees with Hagemanns contentions, adding that it will also likely harm enterprises ability to operate and develop.

Businesses especially have taken to VPNs because they allow for employees to gain secure access to the corporate network while outside the office, Rinehart told TheDCNF. While Putins intent might be to disrupt political opposition, the bigger consequence could be to hamper businesses day-to-day operations.

VPNs are usuallyemployed in the U.S. for the exact reason Rinehart cited.Employees not within the confines of the business property or network, for example, are often not allowedto gain entry because of the respective cybersecurity protocol. (RELATED: Bipartisan Senators Introduce Bill To Stop Police From Snooping On People Without A Warrant)

But outside America and many other Western nations, VPNs are mostly used to accessparts of the web that are blocked.

Russia isnt the only nation state to implement such a prohibitory policy. China directed telecommunications companies earlier in July to obstruct users from accessing VPNs.Apple very recentlysurrenderedto the countrysorders, removing all of the major VPN apps from its uniqueChina-based store.(RELATED: China Battles For Internet Hegemony After America Gives Up Control)

Snowden thinks that becausetwo of the biggest and most powerful countries in the worldadopted the authoritarian measure, it is not only a loss for global freedom, but may geopolitically inspire others to follow suit.

Russias ban of VPNs isset to take effect in November. China is giving the quasi-private companies untilFeb. 1, 2018 to comply with its orders.

Follow Eric on Twitter

Send tips to [emailprotected].

Content created by The Daily Caller News Foundation is available without charge to any eligible news publisher that can provide a large audience. For licensing opportunities of our original content, please contact [emailprotected].

Originally posted here:
'Tragedy Of Policy': Snowden Calls Out Putin For Ban On Portion of Internet - The Daily Caller

Top UK official: ‘Real people’ don’t care about encryption – The Hill

Posted on by

United Kingdom Home Secretary Amber Rudd claimed "real people" do not considersecurity to be a selling point when picking smartphonechat applications.

"Who uses WhatsApp because it is end-to-end encrypted, rather than because it is an incredibly user-friendly and cheap way to keep in touch with friends and family?" Rudd wrote in an editorialabout encryptionin the Daily Telegraph on Tuesday.

Rudd, like leaders in Germany and France, as well as some politicians in America, is concerned about "end-to-end" encryption encryption that cannot be broken while data is in transit because there is no way for law enforcement to intercept such communications, even with a warrant.

In the editorial, she said she had traveled to Silicon Valley to discuss the issue with tech firms.

Many of the top chat apps on the market incorporate end-to-end encryption. An Amnesty International report of 16 globally popular chat apps found that more than half used or permitted end-to-end encryption, including Telegram, Apple Chat, Facebook Messenger, Viber and Line.

Over the weekend, Rep. Will Hurd (R-Texas) accused European nations ofunfairly criticizing the United States forbeing weak on privacy while European Unionmemberspursued their own policies to limit encryption.

Read the rest here:
Top UK official: 'Real people' don't care about encryption - The Hill

Telegram messaging app strikes deal with Indonesia on encryption – Digital Trends

Posted on by

zF6s0g"KO(21qKN2#k@$H&uolU 4 K>UuuuuUu^?=Y4?MU>~Ejys4xqqC?6mwZ{dVcIc|5 rSW0s"ADVsb{tXVEGWsb/9Q42uFLJxp.jV3@$0?7Qx1t;%m1#1<3olRtg4d vr)E;{t:Kk#63=9sc^y(:RL0k~H}lG- 9VEkOphOP+?so#3'Mx3 woHkus;0X8 m_x6E4":yLB+QdU<|KSw|U[_c;S{+YLSx t$ -{4B< lbV{'S3eCUX7N$80H%K^aH+#CGgKpi ]=QK|#GnmgI_{qfbzex[n5t[)sL}>w{8hB3"] 4=s1gEI?uN.9uQhktf+No{s{0Z/{mshAi~O.fjjXeMQd8:E<'Msbf[a->c4TV?sY(IyV;C`c&@bR5qy ?^,tU$R$i_lI?;u.9x Q ?]_1v[,V%-:BFN4< 5Eji~Ob,ReIU}ds35C7+]-l^4`D dB /7[ACODV%_~,)<|&L~z# ;) dNF!sS]x /3#w,q3S&C@);YAaaJI{eZ[=1r'4^1B74n)!^wTI0G!3)t/>Oy<>}UG' 3xYW4t5!QmU :Ar3q8Ew:fIj4b@1[uk!u.U9K^EsWQ=A?Ql9]-{{Ez3U31k@?["l&E?+ux=wN!Fg7{p1w5t-%g3m8aqt&dlCoQL:]&UxhIJh9)$mmmjUP,PZ ^:3(HC-VL|_pj% 7HW0YbwV;iqXc1yt[zGf1aO|#NlM8,:JkIY1jnoD "kJ?7dF;r$wd1c@a_FToxIg ?5NfsR*8 '[w+]LXU tzj :##J6G"&ws,Y 5YoFq(p^#DM5Wwp&z _+a^P:Sp?zSkk>E @,G2^Hk|ErF-H|cqE Hzm- kkRMIL@'s$g?YTxy69~@JcsHApik^eGFj&&ID|L3Du#%xt+2.n9 bO!KqpmS#kXaOQbLSm>qmkJMd|7|Hh?<~Fu Sp6uasv} ='sp;T!$j,Cd#AXFP$r5C?_:jT'-zlrCI[m)XW_n[~ yrJ0ajC9a,1Acn-7[ONb0KVG)&d c^-z,.dM$/f$M}cmj3}>)b$_`PZz h@NA1 7"=z6-5,^7M5Qj}%V%&m'[[[8(MQXUb)0T-`?eY'5ZW;53Io2"Yz_= $1Go9jEuV@7RfV }1s 83BVF$P{=qVu2 K~ZJ7cilVeSgwQ'jx# 8*]5F q&LIN3C

'$}ss7=:<[4~iK:> v!m'S4'8F~c4wpljY@r/_>_7~^4^@=i0~se4d2AG(Q:3c[!$/w6wFN]!+(~fh9LLQoM h y X":EO<6_(X@v/3]7PN>fak&qZ}!uF >!+70(LNcR BDC%/D 1Lp`^)GPnDnd+{gZF_Z4s4Z4V5&m'Cz0mHI{ g=`s't?{_8LqB+eHB/}H"jc(:6Sd,T=)/X5((n(S#un/- E xO>d`(,J/ H{OXJAZTG)$;O"c9&[WAR"^.4!Y?/IzzF3mK%X?-u Vk;SpCc K'~l1K:<'UeU{,Zs5~^bpQB(GAqf"EqSx5+%!sddZ=hqFwCr](s2)aeT&? VOUl3-- }$~Wpz.s9`#l@mD!?>d~Bf!)B{L7rY|5`Q8I,>@SCA;$bSP?t1:?=:kdRP.c! Nq,01M3o={1T*;S#H{P#1Q|}k Uj@(i,fEvqAi"=vHFH5v/+kJ%^JdeYYmtzv. !}%[(C#%O6bZ_3"LPUVH:,jyiLdlALb"y`!<-@%n/Q>?'9pN[myo)xBC~#VpgRLR:"S VX&~AL^Ac] JP?1tG'.^8zhg&M,^f|P^^VB;m4.w480)?aN-ImUFXH}@N?1c#Z}1^!!)6H,$XR I(xc9YT1daa>D*p_ ^N4Fv|Blg&gAFR,3Y Av('klda_)4V2^e'gD[kDuo U[e|=X9Hg,E9?9P_0F(,`*Hm LI^ R0k@'&BM&rtRl//5u#sVaK:1QCT!a :4oj8 !Kuq=NhIIX9&Le RI"#;-#8R4@ap"1X-i {h#4#P$3=8",bk,pu;B3/d%&T88Ua%eYRjH)m(>2idg Q:QraM_7:e1C KS&x$/;pd8Q%}j|ct .,GOU05GMG"A9@C2r K7l!Y?ALJ^r.H{6n?~dSiNl%U{8Er8x9Go?~gI1q4/.tRb AQ?slif^gQ=/je{] E5$$w 0vs8$1}[FV[oUiJUT9S~{Z7%%f5wVSqAweJ"1 2O 06S02T1p-0n u{[]HrNw;RI$zt |:,<'dhQh:F!_37oN>|RT32LF}m#8?4.Ur0)YvLvTkp=lR*"@lJ$jL" op O ulv}l_,W[8ZT77~aKbRb2!/p8'g|lfg5hyS ~f<^5!u'MjJY1Q2R"kV,%fk`PV.hTSzS]4!Fa IPsKoWJ4*+'<.=-Kr{4JYxfkz6DfylS5'O5`ll~9'DK1V}(#O*!"j+Kg"&"Oq |O*b!/nsxt{WK#;Ce2E4T4~yo>|Ke ~?y]xvYR nqS=)#6UQu{!R FztPBX 7 7g5$YGF%7m4Bs5)~0oT-~Ncf4&e'2

Continue reading here:
Telegram messaging app strikes deal with Indonesia on encryption - Digital Trends

Black Duck Reports Record Revenues and Revenue Growth as well as Significant Increase in New Customers for First … – Business Wire (press release)

Posted on by

BURLINGTON, Mass.--(BUSINESS WIRE)--Black Duck, the global leader in automated solutions for securing and managing open source software, today reported record revenue and record revenue growth for the first half of 2017.

The company said new and add-on revenue from subscriptions to Black Duck Hub, its flagship open source security solution, grew by 77 percent in the first half of 2017 and subscription renewal rates for Hub were in the mid-90-percent range.

Black Duck had a 64 percent increase in new customers during 2016, and the company said it nearly matched the 2016 new-customer total in the first half of 2017. Notable customers added to the portfolio since January include HPE, Carbon Black, Exact Group BV, and Copper Leaf.

CEO Lou Shipley said the company expects overall revenue growth for 2017 will exceed 30 percent in 2017, up 50 percent from 2016.

Were encouraged by our first-half performance and were on track for an equally strong second half of 2017, said Shipley.

Open source software dominates application development today and organizations are increasingly recognizing the need for more effective open source security and management throughout their software development lifecycle. This drives demand for Hub because it helps reduce risk by addressing difficult open source security and management challenges without slowing development, Shipley said.

Black Duck highlighted other significant areas of momentum during the first half of 2017:

He said that as the software development and delivery process becomes increasingly complex spanning AppDev, DevOps, SecDevOps, Containers, the Cloud and IoT a strong ecosystem partnerships and technology integrations is vital. Black Duck has announced integrations or partnerships with Google, Red Hat, Microsoft, Atlassian, and Pivotal.

In late 2016, the company established the Black Duck Center for Open Source Research and Innovation (COSRI) and two new groups in Belfast, Northern Ireland, and Vancouver, Canada, are conducting cutting-edge research in open source security vulnerability management, in data mining and in machine learning to drive product innovation.

In April, COSRI releasedits landmark 2017 Open Source Security and Risk Analysis (OSSRA) detailing audit of more than 1,000 applications that showed significant cross-industry risks related to open source vulnerabilities and license-compliance challenges.

The COSRI report found high levels of open source usage 96 percent of the audited applications contained open source and significant risk to open source security vulnerabilities. More than 60 percent of the applications contained open source security vulnerabilities.

About Black Duck Software

Organizations worldwide use Black Duck Softwares industry-leading products to automate the processes of securing and managing open source software, eliminating the pain related to security vulnerabilities, open source license compliance and operational risk. Black Duck is headquartered in Burlington, MA, and has offices in San Jose, CA, London, Frankfurt, Hong Kong, Tokyo, Seoul and Beijing. For more information, visitwww.blackducksoftware.com.

View post:
Black Duck Reports Record Revenues and Revenue Growth as well as Significant Increase in New Customers for First ... - Business Wire (press release)

SK Telecom to Accelerate Popularization of Quantum Cryptography for IoT Security – IoT Business News (press release) (blog)

Posted on by

Successfully develops quantum random number generator (QRNG) chip prototype that is smaller than the size of a fingernail. Expects the price of per QRNG chipset to be the worlds lowest level, which will propel the adoption of quantum cryptography in areas of IoT, AI and autonomous driving.

A QRNG generates true random numbers without any kind of pattern, meaning that it is ideal for use in cryptography. However, so far, the cost and size of QRNGs currently on market have prevented them from becoming widespread.

With the successful development of an ultra-small QRNG chip measuring 5mm by 5mm, SK Telecom expects that it will soon be able to embed QRNG to a wide variety of the Internet of Things (IoT) products, including autonomous vehicles, drones and smart devices, to dramatically enhance the level of security for IoT services. Although the price of each QRNG chip has not been set yet, the company said that it will be the lowest price ever for a QRNG.

Meanwhile, SK Telecom is also developing a QRNG in the form of USB and PCIe. While the QRNG chip has to be embedded from the beginning of the product development, QRNG in the form of USB or PCIe can be simply connected to any product already on market to provide genuine randomness.

Park Jin-hyo, Senior Vice President and Head of Network R&D Center of SK Telecom, said:

Understanding the importance of data and data security, SK Telecom has focused on developing quantum cryptography technologies to guarantee secure transmission of data in areas including artificial intelligence (AI), IoT and autonomous driving. We will continue to work with partners, both home and abroad, to accelerate the popularization of quantum cryptography and strengthen our presence in the global market.

More here:
SK Telecom to Accelerate Popularization of Quantum Cryptography for IoT Security - IoT Business News (press release) (blog)

Allegro Software Expands FIPS 140-2 Support For IoT Applications Needing Validated Cryptography in Military … – Benzinga

Posted on by

Today, Allegro Software announced it has earned FIPS 140-2 level 1 validation on four additional platforms with the Allegro Cryptography Engine, ACE from the U.S. government's National Institute of Standards and Technology (NIST).

BOXBOROUGH, MA (PRWEB) August 01, 2017

Allegro Software, a leading supplier of Internet component software for the Internet of Things (IoT), today announced it has earned FIPS 140-2 level 1 validation on four additional platforms with the Allegro Cryptography Engine (ACE) from the U.S. government's National Institute of Standards and Technology (NIST). This marks the culmination of Allegro's largest validation effort to date with the U.S. government. Specifically engineered for the rigors of resource constrained IoT computing environments, ACE enables manufacturers to leverage standards-based cryptography in IoT environments with ease. ACE is ideally suited for use in embedded systems and IoT applications in the military, energy, medical and communications industries.

ACE AND FIPS 140-2 VALIDATION

Since the passage of the Federal Information Security Management Act (FISMA), Federal agencies and contractors have a mandate to maintain greater control over data and information systems as a whole. U.S. Federal agencies that use cryptographic-based systems to protect sensitive information in military, medical, telecommunications, IoT applications and other IT-related products must use FIPS 140-2 validated modules to meet these security requirements. FIPS 140-2 validation is also required by national agencies in Canada and is recognized in Europe and Australia.

ACE is one of the smallest, fastest, and most comprehensive FIPS 140-2 validated software modules on the market for IoT applications. Specifically engineered for the critical cryptographic computing needs of IoT applications, ACE is easily used, highly portable, and uniquely configurable to operate in the toughest resource sensitive environments. With a rich software API, IoT developers can easily perform bulk encryption and decryption, message digests, digital signature creation and validation, along with key generation and exchange. ACE also includes a platform independent implementation of NSA defined Suite B cryptographic algorithms as well as other FIPS approved algorithms. The FIPS approved algorithms are listed on the NIST CAVP sites along with the final validation designation on the NIST CVMP site.

To further aid developers implementing IoT security, ACE is pre-integrated with the full suite of Allegro AE IoT connectivity and security toolkits including RomSTL (TLS 1.2), RomCert (SCEP and OCSP), RomSShell AE (SSH), RomPager AE (web server) and RomWebClient AE (web client).

IoT SECURITY AND HARDWARE CRYPTOGRAPHIC ACCELERATION

IoT applications are engineered from the ground up for resource sensitive execution environments. Typically, the primary driving factor in these applications aims to deliver the highest value IoT product at the lowest cost. Unfortunately, implementing cryptographic security protocols in any environment is resource intensive in CPU, RAM and ROM which IoT devices often find difficult to support. To help address these needs, silicon manufacturers augment their chipsets with specifically engineered cryptographic engines to off-load resource intensive cryptographic calculations. Two of Allegro's most recent FIPS 140-2 validated ACE modules have the flexibility to utilize on-board cryptographic acceleration when available. This greatly increases throughput while reducing the demand for CPU, RAM and ROM. These validations have been configured to support the on-board cryptographic acceleration from Intel (AES-NI) in addition to hardware based entropy to meet the latest NIST Implementation Guidance for FIPS modules.

"The need is critical for advanced security in IoT devices," says Bob Van Andel, President of Allegro. "With the culmination of Allegro's latest validations, IoT developers have access to the most essential component of seven key elements needed for proactive IoT security highly portable, reliable, FIPS 140-2 validated cryptography." ACE is delivered as an ANSI-C source code toolkit and is available now. To learn more about the "7 Key Elements for Proactive IoT Security" visit our website: https://www.allegrosoft.com/secure-iot. For additional information on Allegro Software and the full suite of Allegro AE IoT connectivity and security toolkits, visit our website: https://www.allegrosoft.com/iot-device-cybersecurity .

ABOUT ALLEGRO

Allegro Software Development Corporation is a premier provider of embedded Internet software components with an emphasis on industry-leading device management, embedded device security, UPnP-DLNA networking, and the Internet of Things. Since 1996, Allegro has been on the forefront of leading the evolution of secure device management solutions with its RomPager embedded web server and security toolkits. Also an active contributor to UPnP and DLNA initiatives, Allegro supplies a range of UPnP and DLNA toolkits that offer portability, easy integration, and full compliance with UPnP and DLNA specifications. Allegro is headquartered in Boxborough, MA.

For the original version on PRWeb visit: http://www.prweb.com/releases/2017/08/prweb14562144.htm

See the rest here:
Allegro Software Expands FIPS 140-2 Support For IoT Applications Needing Validated Cryptography in Military ... - Benzinga