Monthly Archives: December 2023

Cryptography 101: Key Principles, Major Types, Use Cases … – Splunk

Posted on by

Cryptography is fundamental to many information security and privacy mechanisms. Today, a variety of cryptographic algorithms are used in many different applications.

This article explains cryptography: how it works, key principles or operations of cryptography, types of cryptography, use cases and more!

Cryptography can refer to any approach that hides real information, using codes, to prevent reading by unauthorized parties. Cryptography can protect:

Cryptography increasing relies on mathematical concepts a set of encryption algorithms and hashing algorithms to transform information in a way that is difficult to interpret or crack.

For example, suppose communication between two parties is secured using cryptographic principles. The senders message is typically known as the Plaintext. It is transformed into an unreadable format called Ciphertext using the encryption key. When the receiver gets the messages, the Ciphertext is transformed into plaintext using the decryption key.

Lets now turn to the principles that underpin cryptography.

Confidentiality agreements have rules and guidelines to keep the information secure and private. Confidentiality must be protected using techniques like encryption. It ensures that only authorized people can access the information at certain places and it restricts access to other unauthorized parties.

(Confidentiality is one component of the CIA security triad.)

The process of confirming that the person who sent a specific message is the sender of that message. This principle ensures the receiver receives the message from a sender who is permitted to do so. Two common authentication mechanisms are:

Encryption is the process of transforming information into an unreadable format using an encryption algorithm to protect the privacy of the information. Only the receiver can read them using the decryption key.

(Read our end-to-end encryption explainer.)

The data should be consistent and accurate without any alterations while in transit from the sender to the receiver. Data integrity ensures that no manipulation has been done to the data during its lifecycle using techniques like cryptographic hashing.

The non-repudiation principle ensures that the message sender cannot repudiate the authenticity of his signature using techniques like digital signatures.

Key management is the process of maintaining cryptographic keys. It includes tasks like key distribution, generation, rotation, etc. Key management is vital to ensuring the maximum security of a cryptography system as its security heavily relies on cryptographic keys.

There are three major types of cryptography. Lets get to know them in this section.

Symmetric-key cryptography involves encrypting and decrypting using the same cryptographic keys. Here, the sender and all receivers share a common secret key. The plaintext messages are transformed into cipher text using a particular encryption key. The receiver can use the same encryption key to decrypt the message using the shared secret key.

Examples of symmetric-key encryption algorithms include:

The major drawback of this symmetric-key encryption is sharing the secret key. The shared secret must be encrypted to prevent unauthorized access. It can be an additional overhead for cryptographic applications.

This type of cryptography, known as "public-key cryptography," uses different cryptographic keys for the encryption and decryption processes. The sender and the receiver have a private key and a public key:

Though there is a mathematical connection between these private key and public key pairs, the public key cannot generate the private key.

Public key cryptography is commonly used in digital signatures for message authentication. Senders use their private keys to digitally sign their messages to prove their authenticity. Thus, the receiver knows exactly that the sender is a trusted third party.

Of the variety of asymmetric (or public key) cryptography algorithms, here are some examples:

Hash functions compute a fixed-length hash value or a fingerprint on the plain text message. These hashes are unique to each plaintext. Therefore, this type of cryptography does not use a cryptographic key. Hash functions help ensure data integrity between communicating parties. If the hash produces the same output, it indicates that the information has not been altered, compromised or damaged.

Hash functions are used in many cryptographic algorithms and protocols, including MAC algorithms, digital signature algorithms, and authentication protocols. Some of the most common hashing algorithms include:

In addition to the three major cryptography types, hybrid encryption is another type used to secure data and communications.

Hybrid encryption combines public-key cryptography with symmetric encryption for data encryption. This cryptographic type generates a private key and encrypts it using the public key. Then the complete message with the encrypted private key will be encrypted with the original symmetric key. The encoded message can be decrypted only if the recipient knows the original private key.

Hybrid encryption performs randomization for the encryption so that no two messages will have the same ciphertext. It makes the encryption more secure.

With the concepts explained, lets turn to the most common use cases of cryptography what are people actually using cryptography for?

Storing passwords like database passwords in plain text is risky anyone who can access the password storage can read them. Instead, such passwords are encrypted or hashed using a hashing algorithm as a security best practice. Whenever the system refers to it, it will be hashed and compared to the hashed value.

Cryptocurrencies like Bitcoin and Ethereum use cryptographic algorithms such as elliptic-curve cryptography, hash functions and many more to maintain the security and privacy of transactions. Blockchain nodes are secured with cryptography to let users securely trade with other users.

(Whats the state of blockchain today?)

Digital signatures are one of the applications of public key cryptography that provide authenticity and data integrity. The sender generates a unique signature using the private key and attaches it to the document, which needs to be verified using the public key.

Organizations generate significant volumes of data (upwards of 2.5 quintillion bites per day). Storing that can be a risk. Encrypting data in storage makes it more secure and prevents data leakage. Most cloud solutions nowadays provide encryption options along with storage options, including backup drives.

Additionally, automatic encryption can be enabled when data is in transit to the storage and while at rest.

Cryptography has enabled secure communications over the internet by encrypting communication protocols. For example, using HTTPS in the URL indicates connecting to a secure website that encrypts the data. It is particularly useful for payment gateways, where a secure communication channel needs to be created to avoid the leakage of sensitive information.

Another example is the SSH protocol that most people use for tunneling and remote login.

Most organizations use file encryption to protect email communications, including sensitive conversations and attachments. For example, S/MIME encryption and Microsoft 365 message encryption are used to secure Microsoft 365 email messages. Additionally, PGP/MIME (Pretty Good Privacy/Multipurpose Internet Mail Extensions) is another popular type of email encryption supported by Yahoo, AOL and Android devices.

Weve already named these in this article, so lets take a brief look at how some common cryptographic algorithms work.

The Advanced Encryption Standard (AES) is a symmetric encryption algorithm used by many governments worldwide. It was established by the National Institute of Standards and Technology (NIST) in the U.S.

The key sizes of the AES block cipher can be 128, 192, and 256 bits, and encryption happens in blocks of 128 bits each. Considered a strong cryptographic algorithm, more secure than DES and Triple DES, AES is unbreakable by many attacks.

The RSA (Rivest-Shamir-Adleman) algorithm is an asymmetric encryption algorithm invented by Ron Rivest, Adi Shamir and Leonard Adleman in 1978. It is used to encrypt data and communications over the internet and for email encryption.

However, there are still several exploitable vulnerabilities in the RSA. For example, researchers were able to crack a key 768-bit RSA algorithm. It is recommended to use 2048 bits as the key length.

The Triple Data Encryption Standard (DES) provides more security than the standard DES algorithm by using three passes of the DES rather than one. The security of standard DES was found to be less secure than AES. It uses 56-bit length keys.

ECC is a public-key encryption technique that uses the algebraic architecture of elliptic curves with finite fields and uses encryption, signatures, and key exchange. ECC is used in applications like online banking, email encryption, and secure payments.

(Check out our elliptcal curve cryptography explainer.)

Cryptography is the heart of security and privacy mechanisms worldwide. It transforms plain-text data into ciphertext in an unreadable format using encryption algorithms. As technology advances, well see growth in more kinds of cryptography. For example, homomorphic encryption is a fledging technology. And then consider what quantum computing might mean for encryption.

This posting does not necessarily represent Splunk's position, strategies or opinion.

Read more from the original source:
Cryptography 101: Key Principles, Major Types, Use Cases ... - Splunk

What is quantum computing? | McKinsey

Posted on by

Qubit bloch sphere

Flip a coin. Heads or tails, right? Sure, once we see how the coin lands. But while the coin is still spinning in the air, its neither heads nor tails. Its some probability of both.

This grey area is the simplified foundation of quantum computing.

Digital computers have been making it easier for us to process information for decades. But quantum computers are poised to take computing to a whole new level. Quantum computersrepresent a completely new approach to computing. And while they wont replace todays computers, by using the principles of quantum physics, they will be able to solvevery complex statistical problems that todays computers cant. Quantum computing has so much potential and momentum that McKinsey has identified it as one of the next big trends in tech. Quantum computing alonejust one of three main areas of emerging quantum technologycould account for nearly $1.3 trillion in valueby 2035.

Heres how it works: classical computing, the technology that powers your laptop and smartphone, is built on bits. A bit is a unit of information that can store either a zero or a one. By contrast, quantum computing is built on quantum bits, or qubits, which can store zeros and ones. Qubits can represent any combination of both zero and one simultaneouslythis is called a superposition.

When classical computers solve a problem with multiple variables, they must conduct a new calculation every time a variable changes. Each calculation is a single path to a single result. Quantum computers, however, have a larger working space, which means they can explore a massive number of paths simultaneously. This possibility means that quantum computers can be much, much fasterthan classical computers.

But the first real proof that quantum computers could handle problems too complicated for classical computers didnt arrive until 2019, when Google announced that its quantum computer had made a major breakthrough: it solved a problem in 200 seconds that would have taken a classical computer 10,000 years.

Although this was an important milestone in computing, it was more of a theoretical leap forward rather than a practical one, since the problem the quantum computer solved had no real-world use at all. But were rapidly approaching a time when quantum computers will have a real impact on our lives. Read on to find out how.

Learn more about McKinsey Digital.

Todays classical computers are relatively straightforward. They work with a limited set of inputs and use an algorithm and spit out an answerand the bits that encode the inputs do not share information about one another. Quantum computers are different. For one thing, when data are input into the qubits, the qubits interact with other qubits, allowing for many different calculations to be done simultaneously. This is why quantum computers are able to work so much faster than classical computers. But thats not the end of the story: quantum computers dont deliver one clear answer like classical computers do; rather, they deliver a range of possible answers.

For calculations that are limited in scope, classical computers are still the preferred tools. But for very complex problems, quantum computers can save time by narrowing down the range of possible answers.

Quantum computers arent like your average desktop computer. Its unlikely that you will be able to wander down to a store and pick one up. The kind of quantum computers that are capable of solving major problems will be expensive, complicated machines operated by just a few key players.

Over the next few years, the major players in quantum computing, as well as a small cohort of start-ups, will steadily increase the number of qubits that their computers can handle. Progress is expected to be slow: McKinsey estimates that by 2030, only about 5,000 quantum computerswill be operational. The hardware and software required to handle the most complex problems may not exist until 2035 or later.

But some businesses will begin to derive value from quantum well before then. At first, businesses will receive quantum services via the cloud, from the same providers they use now. Several major computing companies have already announced their quantum cloud offerings.

Learn more about McKinsey Digital.

One major obstacle to the advancement of quantum computing is that qubits are volatile. Whereas a bit in todays computers can be in a state of either one or zero, a qubit can be any possible combination of the two. When a qubit changes its status, inputs can be lost or altered, throwing off the accuracy of the results. Another obstacle to development is that a quantum computer operating at the scale needed to deliver significant breakthroughs will require potentially millions of qubits to be connected. The few quantum computers that exist today are nowhere near that number.

Slowly, at first. For the time being, quantum computing will be used alongsideclassical computing to solve multivariable problems. One example? Quantum computers can narrow the range of possible solutions to a finance or logistics problem, helping a company reach the best solution a little bit faster. This kind of slower progress will be the norm until quantum computing advances enough to deliver massive breakthroughs.

Learn more about McKinsey Digital.

Quantum computers can narrow the range of possible solutions to a finance or logistics problem, helping a company reach the best solution a little bit faster.

Quantum computers have four fundamental capabilitiesthat differentiate them from todays classical computers:

As these capabilities develop at pace with quantum computing power, use cases will proliferate.

Experts believe that quantum computers are powerful enough to eventually be able to model even the most complex molecules in the human body.

Research suggests that four industries stand to reap the greatest short-term benefits from quantum computing based on the use cases discussed in the previous section. Collectivelyand conservativelythe value at stake for these industries could be as much as $1.3 trillion.

These four industries likely stand to gain the most from quantum computing. But leaders in every sector canand shouldprepare for the inevitable quantum advancements of the next few years.

Learn more about McKinsey Digital.

According to McKinseys analysis, quantum computing is still years away from widespread commercial application. Other quantum technologies such as quantum communication (QComms) and quantum sensing (QS) could become available much earlier. Quantum communication will enable strong encryption protocols that could greatly increase the security of sensitive information. QComms enables the following functions:

Quantum sensing allows for more accurate measurements than ever before, including of physical properties like temperature, magnetic fields, and rotation. Plus, once optimized and decreased in size, quantum sensors will be able to measure data that cant be captured by current sensors.

The markets for QComms and QS are currently smaller than those for quantum computing, which has so far attracted most of the headlines and funding. But McKinsey expects both Qcomms and QS to attract serious interest and funding in the future. The risks are significant, but the potential payoff is high: by 2030, QS and QComms could generate $13 billion in revenues.

Learn more about quantum sensors and quantum communications.

A wide talent gap exists between the business need for quantum computing and the number of quantum professionals available to meet that need. This skill gap could jeopardize potential value creation, which McKinsey estimates to be as much as $1.3 trillion.

McKinsey research has found that there is only one qualified quantum candidatefor every three quantum job openings. By 2025, McKinsey predicts that less than 50 percent of quantum jobs will be filled, unless there are significant changes to the talent pool or predicted rate of quantum-job creation.

Here are five lessons derived from the AI talent journey that can help organizations build the quantum talent they need to capture value:

Learn more about McKinsey Digitaland check out quantum-computing job opportunities if youre interested in working at McKinsey.

Articles referenced:

See the original post here:
What is quantum computing? | McKinsey

Wave Photonics and Partners Receive s 500 Thousand ($627K USD) Grant from Innovate UK for Researching Photonics Chips for Trapped Ion Processors -…

Posted on by

Wave Photonics and Partners Receive s 500 Thousand ($627K USD) Grant from Innovate UK for Researching Photonics Chips for Trapped Ion Processors  Quantum Computing Report

Read more:
Wave Photonics and Partners Receive s 500 Thousand ($627K USD) Grant from Innovate UK for Researching Photonics Chips for Trapped Ion Processors -...

Timeline: Who is Julian Assange? | Reuters

Posted on by

FILE PHOTO: WikiLeaks founder Julian Assange arrives at the Westminster Magistrates Court, after he was arrested in London, Britain April 11, 2019. REUTERS/Hannah McKay/File Photo Acquire Licensing Rights

(Reuters) - WikiLeaks founder Julian Assange will seek to be released from prison on bail on Wednesday after a British judge refused to extradite to him to the United States, where he is wanted to face criminal charges.

Following are some key events and details in Assange's life:

July 1971 - Assange is born in Townsville, Australia, to parents involved in theatre. As a teenager, he gains a reputation as a computer programmer, and in 1995 is fined for computer hacking but avoids prison on condition he does not offend again.

2006 - Founds WikiLeaks, creating an internet-based "dead letter drop" for leakers of classified or sensitive information.

April 5, 2010 - WikiLeaks releases leaked video from a U.S. helicopter showing an air strike that killed civilians in Baghdad, including two Reuters news staff.

July 25, 2010 - WikiLeaks releases over 91,000 documents, mostly secret U.S. military reports about the Afghanistan war.

October, 2010 - WikiLeaks releases 400,000 classified military files chronicling the Iraq war. The next month, it releases thousands of U.S. diplomatic cables, including candid views of foreign leaders and blunt assessments of security threats.

Nov. 18, 2010 - A Swedish court orders Assange's arrest over rape allegations, which he denies. He is arrested in Britain the next month on a European Arrest Warrant but freed on bail.

February 2011 - London's Westminster Magistrates Court orders Assange's extradition to Sweden. He appeals.

June 14, 2012 - The British Supreme Court rejects Assange's final appeal and five days later he takes refuge in Ecuador's embassy in London and seeks political asylum, which Ecuador grants in August 2012.

April 13, 2017 - U.S. Secretary of State Mike Pompeo, then CIA chief, describes WikiLeaks as "a non-state hostile intelligence service often abetted by state actors like Russia".

May 19, 2017 - Swedish prosecutors discontinue their investigation, saying it is impossible to proceed while Assange is in the Ecuadorean embassy.

April 11, 2019 - Assange is carried out of the embassy and arrested after Ecuador revokes his political asylum. He is sentenced on May 1 to 50 weeks in prison by a British court for skipping bail. He completes the sentence early but remains jailed pending extradition hearings.

May 13, 2019 - Swedish prosecutors reopen their investigation and say they will seek Assange's extradition to Sweden.

June 11, 2019 - The U.S. Justice Department formally asks Britain to extradite Assange to the United States to face charges that he conspired to hack U.S. government computers and violated an espionage law.

Nov. 19, 2019 - Swedish prosecutors drop their rape investigation, saying the evidence is not strong enough to bring charges, in part because of the passage of time.

Feb. 21, 2020 - A London court begins the first part of extradition hearings which are adjourned after a week. The hearings are supposed to resume in May but are delayed until September because of the COVID-19 pandemic.

Jan. 4, 2021 - Judge Vanessa Baraitser concludes it would be "oppressive" to extradite him to the United States because of his frail mental health, saying there was a real risk he would take his own life.

Reporting by Michael Holden; Editing by Catherine Evans

Our Standards: The Thomson Reuters Trust Principles.

View post:
Timeline: Who is Julian Assange? | Reuters