For the past few years, Apple has been slowly working on eradicating the use of passwords as single points of entry across all of its platforms, moving to two-factor authentication for Apple IDs, Touch ID and Face ID for device access, and even leveraging the Apple Watch as a means to bypass the need to enter passwords on macOS.

After all, passwords have generally proven themselves to be a very bad idea. Since they rely on people to remember them, many users choose fairly obvious phrases, leaving themselves open to hackers, or they reuse their password across multiple sites, resulting in a data breach on one site giving hackers the keys to all of their other accounts.

Unfortunately, as much as new technologies have emerged to either supplement or replace passwords, its a slow process, since unlike an Apple Watch, iPhone, or USB security key, a password is something that anybody can store in their head and use no matter where they happen to be.

Last year, Apple added support for physical security keys in iOS 13.3, allowing you to use a Lightning, USB, or even NFC key to authenticate to websites securely, and earlier this month even Google embraced the feature, taking advantage of the native support in Safari and iOS 13.3 to let users log into their Gmail or Google accounts by tapping an NFC key on the back of their iPhone as a second factor.

Earlier this year, Apple also officially joined the FIDO alliance, a consortium of companies behind secure authentication systems like physical USB and NFC security keys, and likely in connection with that, Apple will be enabling fully password-less login to websites in the version of Safari that will be shipping with iOS 14 and macOS Big Sur.

Instead, users will be able to authenticate supported websites using either Face ID or Touch ID, without needing to enter a password at all.

While in some ways this may seem similar to the Sign in With Apple feature that the company debuted in iOS 13 last year, its actually something completely different, since Apple is leveraging an open standard for this that doesnt have anything at all to do with your Apple ID.

This new capability is built using the WebAuthn component of the FIDO2 standard the same component thats already being used by Apple and Google to support physical USB and NFC security keys and promises to make logging into a website using Face ID or Touch ID as easy as opening an app.

Apple outlined the new feature in a WWDC session video for developers, showing how it will work and how it can be implemented, but of course, its not going to just start magically working with every website out there web developers are going to have to implement WebAuthn on their websites in order to support it, but the fact that Apples mainstream Safari browser is embracing it should hopefully help to drive adoption more quickly.

While you can already use Touch ID or Face ID with your iOS keychain to autofill passwords into websites, this new method will be considerably more secure, since it eliminates the password entirely. Theres no password for a hacker to try and guess at or phish for, and the WebAuthn standard uses strong public-key cryptography to prevent your biometric credentials from being intercepted and reused (known as a replay attack).

To be clear, however, this wont actually involve sending your face or fingerprints from your iPhone or iPad to a remote website. Instead, the system generates a cryptographic key, which is for all intents and purposes like an extremely long and random one-time password. This will presumably be stored in the Secure Enclave, where Face ID or Touch ID will be required to unlock it before it can be generated and transmitted to the remote website.

In the same way that hardware keys function, the credentials created by this process can only be transmitted to and recognized by the website for which they were created, and since theyre generated and stored entirely in the Secure Enclave, they cant be exported, meaning that its completely impossible for them to be divulged to third-parties. Its the same technology thats used for Apple Pay and which will also be used to leverage Apples new Car Key feature in iOS 14, and in fact even Google began using it earlier this year to allow iPhone owners to use their devices in place of a physical security key for securely logging in to Google accounts.

Visit link:
iOS 14 and macOS Big Sur May Finally Herald the End of Passwords - iDrop News

The U.S. Department of Energy (DOE) announced this week that it has named 76 scientists from across the country, including assistant professor of physics Chen Wang, to receive significant funding for research with its Early Career Award. It provides university-based researchers with at least $150,000 per year in research support for five years.

DOE Under Secretary for Science Paul Dabbar says DOE is proud to support funding that will sustain Americas scientific workforce and create opportunities for our researchers to remain competitive on the world stage. By bolstering our commitment to the scientific community, we invest into our nations next generation of innovators.

Wang says, I feel very honored to receive this award. This is a great opportunity to explore a new paradigm of reducing error for emerging quantum technologies.

His project involves enhancing quantum bit (qubit) performance using a counter-intuitive new approach. He will harness friction usually an unwelcome source of error in quantum devices to make qubits perform with fewer errors. The work is most relevant for quantum computing, he says, but potential applications include also cryptography, communications and simulations.

One of the basic differences between classical and quantum computing which is not in practical use yet is that classical computers perform calculations and store data using stable bits labeled as zero or one that never unintendently change. Accidental change would introduce error.

By contrast, in quantum computing, qubits can flip from zero to one or anywhere between. This is a source of their great promise to vastly expand quantum computers ability to perform calculations and store data, but it also introduces errors, Wang explains.

The world is intrinsically quantum, he says, so using a classical computer to make predictions at the quantum level about the properties of anything composed of more than a few dozens of atoms is limited. Quantum computing increases the ability to process information exponentially. With every extra qubit you add, the amount of information you can process doubles.

Think of the state of a bit or a qubit as a position on a sphere, he says. For a classical bit, a zero or one is stable, maybe the north or south pole. But a quantum bit can be anywhere on the surface or be continuously tuned between zero and one.

To address potential errors, Wang plans to explore a new method to reduce qubit errors by introducing autonomous error correction the qubit corrects itself. In quantum computing, correcting errors is substantially harder than in classical computing because you are literally forbidden from reading your bits or making backups, he says.

Quantum error correction is a beautiful, surprising and complicated possibility that makes a very exciting experimental challenge. Implementing the physics of quantum error correction is the most fascinating thing I can think of in quantum physics.

We are already familiar with how friction helps in stabilizing a classical, non-quantum system, he says, such as a swinging pendulum. The pendulum will eventually stop due to friction the resistance of air dissipates energy and the pendulum will not randomly go anywhere, Wang points out.

In much the same way, introducing friction between a qubit and its environment puts a stabilizing force on it. When it deviates, the environment will give it a kick back in place, he says. However, the kick has to be designed in very special ways. Wang will experiment using a super-cooled superconducting device made of a sapphire chip on which he will deposit a very thin patterned aluminum film.

He says, Its a very difficult challenge, because to have one qubit correct its errors, by some estimates you need tens to even thousands of other qubits to help it, and they need to be in communication. But it is worthwhile because with them, we can do things faster and we can do tasks that are impossible with classical computing now.

Excerpt from:
Physicist Chen Wang Receives DOE Early Career Award - UMass News and Media Relations

>> Electronic Design Resources.. >> Library: Article Series.. .. >> Series: The Cryptography Handbook

Threats from various sources relentlessly attack all our connected systems. Connected systems dont necessarily mean those connected to the internet. It could also include a pulse oximeter connected to a patient in a hospital environment or a printer cartridge connected to a printer. The current plethora of Internet of Things (IoT) devices like thermostats and refrigerators are also susceptible to hacking. Lets look at a few of these threats and learn how to protect your devices and see what kind of planning you need to do.

Threats

Two kind of threats face developers today: threats to systems and threats to security ICs.

Threats to systems have been well covered by other sources, so well focus on threats to security ICs. A security IC can be attacked by one or more of the following attack methods:

Most of the time, side-channel attacks are noninvasive attacks, i.e., they dont destroy the IC. Decapping and micro-probing, which physically investigate various features of the IC, are invasive attacks that can destroy the IC.

Were wont go into too much detail about how these attacks are carried out, but well present a couple of simple examples.

Active Side-Channel Attack: Glitch Attack

A side channel includes any information thats available as a side effect of the physical implementation of hardware. This may include power consumption, injection of faults, etc. Figure 1 shows a type of side-channel attack using clock glitches. This is an example of a noninvasive attack.

1. An active side-channel attack is an example of a noninvasive attack.

An individual skilled enough to look at the unknown output from a clock glitch or sped-up clock could discover a pattern that could eventually reveal an encryption key.

Decapsulation

Decapsulation, also knows as de-capping, involves soaking the plastic package that encapsulates the silicon die into fuming nitric acid and melting the package away (Fig. 2). Normally, before thats done, the lead frame holding the semiconductor die is secured on a frame. This is considered an invasive attack.

2. Semiconductor packages are vulnerable to invasive attacks.

Semiconductor Package

Once the package is melted away, the die gets exposed and this gives the hacker an opportunity to directly probe all of the available pads, including pads that the manufacturer used for internal setup (Fig. 3). They can also polish away the top protective glass and access the internal interconnects of the device. Using this direct method, the hacker will try to gain access to the devices secrets.

3. Hackers can directly probe available pads on a chip (top view).

Countermeasures

To prevent people with malicious intent from breaking into a secure device, it must be designed with features that not only provide security, but also protect the device from attacks.

For example, Maxims secure devices have robust countermeasures to protect against these attacks. Some of the implemented features include:

Security Planning

Depending on the application need, the user must decide what features of cryptography are appropriate for deployment. The table below gives some examples of application needs and the resultant measures that must be applied.

For example, if someone is trying to prevent a medical surgical tool from being counterfeited, they must ensure that every time a tool is connected to the host controller (Fig. 4), the tools authenticity is checked. It will also require protection against any malware from being installed in the tool, which could potentially harm the patient. The need to protect any calibration data that was stored is paramount as well.

4. Security planning should include counterfeit prevention for medical devices like surgical tools.

However, because the possibility of snooping between the tool and the host controller is next to impossible due to closed system connectivity, this system will not require protection against eavesdropping. Thus, in this case, the system designer should plan for all of the protections under the Authenticity column, but can skip unnecessary protection listed under the Confidentiality column.

Conclusion

Threats to ICs are ever present and come from many sources. A system designer needs to be aware of the types of threats and plan accordingly. This article gave you some simple insights into how that can be achieved.

But if youre a busy product developer with a tight deadline, do you really have the time to be an expert in this field as well as complete your design on time? Probably not. Thats where the use of a secure authenticator designed and built by industry experts may be a good option.

The next article in this series will review how secure authentication products can be quickly deployed for cryptographic security needs.

Zia A. Sardar is Principal Member of Technical Staff at Maxim Integrated.

>> Electronic Design Resources.. >> Library: Article Series.. .. >> Series: The Cryptography Handbook

Read more:
Time to Think About the How and Where of Cryptography - Electronic Design

PALO ALTO, Calif.--(BUSINESS WIRE)--NTT Research, Inc., a division of NTT (TYO:9432), today announced that it has named Dr. Tetsuhiko Teshima as a Research Scientist in its Medical and Health Informatics (MEI) Lab. Dr. Teshima has also joined the Technical University of Munich (TUM) Neuroelectronics Group as a Visiting Researcher. NTT Research and TUM last fall entered into a joint research agreement to explore implantable electronic systems to affect the future of patient care. An expert in micro technologies, Dr. Teshima will be working full-time at TUM in the area of advanced neuroelectronics and biosensor technology. Dr. Teshima began his three-year appointment on March 1, 2020.

Dr. Teshimas research has covered a broad range of topics that overlap with the MEI Labs mission, including micro bio-nano interfaces, parasitology, soft matter, hierarchical self-assembly, thin-film manufacturing techniques, soft lithography, microfluidics, revolutionary tools for single-cell measurements, mechano-biology and three-dimensional synthetic tissue and organs. He comes to NTT Research after holding positions at NTTs Bio-medical Informatics Research Center, the National Institute of Science and Technology Policy (NISTEP) and NTTs Basic Research Laboratories. He holds a M.S. (biology) and Ph.D. (information science and technology) from the University of Tokyo, where he also held a Japan Society for the Promotion of Science (JSPS) post-doctoral fellowship for three years at the Institute of Industrial Science.

Dr. Teshima is a top young scientist in Japan who has made a mark in various areas of micro technologies, said MEI Lab Director Hitonobu Tomoike. I expect a good chemical reaction between him and the brilliant scientists in Munich.

NTT Research also announced that it has named Vipul Goyal as Senior Scientist in its Cryptography and Information Security (CIS) Lab. Dr. Goyal is an associate professor of computer science, Carnegie Mellon University, which he joined in 2016. Previously, he spent seven years as a researcher in the Cryptography and Complexity Group at Microsoft Research, India. He is a winner of several honors, including a 2016 Association for Computing Machinery (ACM) Conference on Computer and Communications Security (CCS) test-of-time Award, a JP Morgan faculty fellowship, and a Google outstanding graduate student award. He received his Ph.D. at the University of California, Los Angeles.

Named to Forbes Magazines 30 Under 30 list of people changing science and healthcare in 2013, Dr. Goyal has published more than 80 technical papers. Broadly interested in all areas of cryptography, he has a particular focus on the foundations of the field. His current research topics include secure multi-party computation, non-malleable cryptography and foundations of blockchains.

Also joining the CIS Lab is Justin Holmgren as Scientist. Prior to his current role at NTT Research, Dr. Holmgren was a Google Research Fellow at the Simons Institute for the Theory of Computing. Dr. Holmgren was previously a post-doctoral research fellow at Princeton University and received his Ph.D. in 2018 at the Massachusetts Institute of Technology (MIT), where he was advised by Professor Shafi Goldwasser. His work, which includes 15 published papers, has notably advanced the feasibility of securely outsourcing computation, private information retrieval and software watermarking. At NTT Research, he will be studying the foundational theory of cryptography, along with its interplay with diverse areas of computer science.

We are delighted to welcome Drs. Goyal and Holmgren on our journey to a more secure future for everyone, said CIS Lab Director Tatsuaki Okamoto. Only by engaging the strongest and most dedicated researchers can we address the foundational research problems in cryptography, and so deliver long-term impact to the field.

In related personnel news, NTT Research last month announced the appointment of Joe Alexander (M.D., Ph.D.) as Distinguished Scientist in the MEI Lab and Hoeteck Wee as a Senior Scientist in the CIS Lab. Dr. Alexander is leading the MEI Labs bio digital twin initiative. In February, NTT Research announced that the CIS Lab had reached joint research agreements with UCLA and Georgetown University, covering theoretical aspects of cryptography and global scale blockchain testbed research, respectively. NTT Researchs Physics and Informatics (PHI) Lab last year reached joint research agreements with six universities, one government agency and one quantum computing software company.

About NTT Research

NTT Research opened its Palo Alto offices in July 2019 as a new Silicon Valley startup to conduct basic research and advance technologies that promote positive change for humankind. Currently, three labs are housed at NTT Research: the Physics and Informatics (PHI) Lab, the Cryptography and Information Security (CIS) Lab, and the Medical and Health Informatics (MEI) Lab. The organization aims to upgrade reality in three areas: 1) quantum information, neuro-science and photonics; 2) cryptographic and information security; and 3) medical and health informatics. NTT Research is part of NTT, a global technology and business solutions provider with an annual R&D budget of $3.6 billion.

NTT and the NTT logo are registered trademarks or trademarks of NIPPON TELEGRAPH AND TELEPHONE CORPORATION and/or its affiliates. All other referenced product names are trademarks of their respective owners. 2020 NIPPON TELEGRAPH AND TELEPHONE CORPORATION

Visit link:
NTT Research Builds Upon its Micro Technologies and Cryptography Expertise with Distinguished New Hires - Business Wire

WikiLeaks founder Julian Assange is currently being held on remand in a London maximum-security prison, solely on the basis of a U.S. extradition request. Assange has been charged with 17 counts of espionage related to WikiLeaks 2010 to 2011 publications concerning the U.S. wars in Iraq and Afghanistan, embarrassing U.S. diplomatic communications and evidence of torture in the Guantanamo Bay detention camp.

Assanges U.S. extradition case is recognized by free speech groups as the most important press freedom case of the 21st century. As the aggressive judicial overreach of this U.S. government is already creating a chilling effect on reporters and media organizations, some recognize consequences far beyond the future of journalism.

Julian Assanges father, John Shipton, who regularly attends cryptocurrency conferences, has warned those who are involved in the development of new technologies that they are not immune to suffering the same fate as his son.

How does the prosecution of Assange threaten the crypto movement? And why does the Bitcoin community need to be concerned about his plight for freedom?

At its heart, WikiLeaks is an innovative endeavor. Started as a project of Sunshine Press, it was an invention of a new form of journalism built on the platform of the internet. On its websites About page, WikiLeaks described how it started with an online dialogue between activists around the world, who shared their aspiration to eliminate injustice and human suffering caused by the abuses of power of corporations and governments, especially oppressive regimes.

WikiLeaks also acknowledges the efforts of Philip Zimmerman, the creator of an encryption software program known as Pretty Good Privacy, or PGP, and how the vision of this lone computer programmer in Colorado instigated a global revolution for mass distribution of privacy technologies.

Inspired by this pioneer of private and secure online communication, the founding members of WikiLeaks sought for a way to deploy information technologies to create a robust system of publishing that protects the anonymity of sources and enables transparency of the powerful. This new journalistic organization aimed to make document leaking technology available at a global scale in order to better bring accountability to governments and other institutions.

History has shown how new ideas and inventions are often met with opposition and fierce condemnation by the state. At the start of the 1990s, when Zimmermann released PGP, the U.S. government considered what he had done the equivalent of exporting munitions. It launched a three-year criminal investigation against him, creating a battle over encryption that became known to some as The Crypto Wars. The case was eventually dropped when U.S. courts ruled that software source code qualifies as speech protected by the First Amendment of the U.S. Constitution.

Two decades later, WikiLeaks efforts to amplify information technologies to tackle the problem of government secrecy created another global revolution, this time disrupting the media landscape. Like its forerunner, this new free press of the digital age soon became a target of political retaliation.

After WikiLeaks released classified documents that revealed U.S. war crimes, the U.S. government decided that its editor-in-chief had damaged national security, though it produced no shred of evidence that the published documents caused any harm. It effectively declared war on the First Amendment, charging an Australian journalist under the Espionage Act in the District Court for the Eastern District of Virginia. Just as in the first Crypto War, where it tried to ban encryption, it was now trying to shut down WikiLeaks.

What is this new Crypto War now being waged against the whistleblowing site all about? This battle is not just about Assange as an individual. While mainstream media fixates on Assange and his character, WikiLeaks is not driven solely by one charismatic man. Behind the organization, there are thousands of ordinary people worldwide who are dedicated to the principle of freedom of speech.

At the end of 2010, when WikiLeaks began publishing troves of sensitive U.S. diplomatic cables, its website came under heavy pressure by the U.S. government and its allies. Insurgency swiftly emerged from deep inside the web to help WikiLeaks counteract distributed-denial-of-service (DDOS) attacks. By keeping multiple copies of its website, and setting up mirror sites, anonymous networks allowed information to continue to flow.

Inspiring those collective acts of resistance in an underground subculture of the internet are shared values and ideals, embodied in the cypherpunk philosophy. Emerging in the late 1980s, the cypherpunk movement is a loosely tied group of mathematicians, computer scientists and online activists who advocate privacy through the use of strong cryptography.

Assange is known to have joined the cypherpunk mailing list in late 1993 or early 1994. His engagement with those on the edges on the internet had a large influence on his intellectual development. The native Australian software programmer and expert in cryptography once summed up the core values behind WikiLeaks by saying, capable, generous men do not create victims, they nurture victims.

He acknowledged this is something that he learned from his own father and other capable, generous men in his life. This moral value, installed at an early age, found practical application in the cypherpunks core belief: Cryptography can be a key tool for protecting individual autonomy threatened by power.

In his 2006 essay Conspiracy as Governance, a kind of manifesto from which WikiLeaks was conceived, Assange analyzed the structure of power and means to shift the balance of power between the individual and the state. By using cryptography as a non-violent democratic weapon that gives claws to the weak, Assange found a way to provide information to the public, to hold the powerful accountable, and to help ordinary people empower themselves with knowledge.

Cypherpunks saw the political implications of their work and strove for proper use of the power inherent in cryptography. This attitude has shaped the ethics of cryptographers and defined cypherpunk cryptography as crypto with values.

Eric Hughes who, in 1992, co-founded the influential cypherpunk mailing list, together with Timothy C. May and John Gilmore, described those values as openness, the free flow of information and decentralization. In A Cypherpunks Manifesto, published in 1993, he declared that code is free for all to use, worldwide. Assange also articulated the moral values of cypherpunks, noting the whole point of free software is to liberate it in all senses. He added that, Its part of the intellectual heritage of man. True intellectual heritage cant be bound up in intellectual property.

Instead of claiming ownership of their knowledge, cypherpunks aimed to build software on a ground of free sharing and open platforms, in which everyone can participate and make contributions to the development and utilization.

Zimmermann gave PGP away online, making the source code free and freely available. Through people all over the world simply downloading and using it, the decentralization of that technology helped to secure the right to privacy at a large scale. By deploying an anonymous, secure drop box, WikiLeaks made it possible for people around the globe to speak out against their governments wrongdoing without fear of their identity being revealed. Courage of whistleblowers became contagious, creating waves of disclosures. WikiLeaks, powered by free software, began to liberate information that had been captured under the proprietary ownership of corporations and governments.

It is with this cypherpunk vision of ethics that Satoshi Nakamoto, the pseudonymous creator of Bitcoin, also published its white paper online. The invention of Bitcoin, a peer-to-peer electronic cash system, unleashed the revolutionary power of cryptography. This community-driven, free software project set in motion a decentralized movement to liberate money from the monopoly of central banks. By people across the world simply choosing to run full nodes, each containing a complete record of all Bitcoin transactions, a network secures this stateless digital cash as a form of free speech that belongs to everyone.

Years before the U.S. governments assault on free speech escalated into the indictment against the WikiLeaks founder, the mysterious creator of Bitcoin recognized the potential fate that would befall the worlds first global Fourth Estate.

In December 2010, WikiLeaks faced the unlawful financial blockade imposed by private payment processing companies, and the organization was considering using Bitcoin to circumvent it. Satoshi, who was concerned about the risk of drawing unwanted government attention to his then infant currency, appealed to WikiLeaks not to take such action.

In an online post, Satoshi noted that, WikiLeaks has kicked the hornets nest, and the swarm is headed towards us.

WikiLeaks eventually did turn to Bitcoin to achieve financial sovereignty. And now the swarm is now getting larger, bringing a new war on cryptography.

The citizens of the internet have been longing for another world, independent from the old world of exploitation, violence and control. Dreams for freenet, for the internet to become an emancipatory tool for building peer-to-peer systems, have united people around the world together in the frontier of cyberspace.

Meanwhile, the U.S. governments prosecution of Assange is a direct attack on freedom of expression; peoples ability to form and exchange ideas and collaborate creatively. What is now being threatened is our shared values and a vision for the future of the internet at the heart of Bitcoins decentralized consensus.

Bitcoin, from its inception, was a political act. This is shown in the highly politicized message in the genesis block, referring to a banking bailout. In the lively discussion of public cryptography in 1992 on the cypherpunk mailing list, the late Hal Finney, a noted cryptographer who is considered to be one of the earliest Bitcoin pioneers, reminded us of the ethical responsibility of cryptographers:

The computer can be used as a tool to liberate and protect people, rather than to control them, Finney, who received the very first bitcoin transaction sent by Satoshi, wrote, urging Bitcoin early adopters to put their unearned wealth to good use.

Now, as Assanges U.S. extradition battle intensifies, the internet is calling for the rise of cypherpunks Assanges fellow capable generous men, who exercise their power for social good to unite once again and take up their moral duty. The future of the internet believes in Bitcoin, the potential of this crypto with values to become the currency of resistance to defend its freedom.

Authors Note: WikiLeaks has launched the official campaign page, Dont Extradite Assange. You can get information on how you can help stop Assanges extradition. Please consider donating to the WikiLeaks official Defense Fund and take action.

This is a guest post by Nozomi Hayase. Opinions expressed are entirely her own and do not necessarily reflect those of BTC Inc or Bitcoin Magazine.

Read more:
Julian Assange Extradition and the Freedom of Bitcoin Bitcoin... - Bitcoin Magazine

Safari 14, the version of Apples browser that will ship with iOS 14 and macOS Big Sur, will let you use Face ID or Touch ID to log in to websites built to support the feature. The functionality was confirmed the browsers beta release notes, and Apple has detailed how the feature works in a WWDC video for developers. The functionality is built on the WebAuthn component of the FIDO2 standard, developed by the FIDO Alliance. It should make logging into a website as easy as logging into an app secured with Touch ID or Face ID.

WebAuthn is an API that aims to make web logins simpler and more secure. Unlike passwords, which are often easily guessed and vulnerable to phishing attacks, WebAuthn uses public key cryptography and can use security methods like biometrics or hardware security keys to verify your identity. Its a standard that individual websites need to add support for, but being supported by the stock browser in iOS has the potential to be a major boost for adoption.

This isnt the first time Apple has supported parts of the FIDO2 standard. Last years iOS 13.3 added support for physical FIDO2-compliant security keys with the Safari web browser, and Google started making use of this with its accounts on iOS earlier this month. These security keys offer more protection for your account since an attacker would need physical access to your key to gain access to your account. Support for security keys also came to Safari on macOS in 2019. However, Safari 14s functionality should be a lot more seamless, relying on the biometric security thats built into your Apple device rather than needing a separate piece of hardware in the form of a security key.

The new iOS functionality is similar to whats previously been added to Android. Googles mobile OS gained FIDO2 certification last year, and the company later made it possible to log into some of its services in the Chrome browser on Android without needing a password.

Apples devices have been able to use Touch ID and Face ID as part of the online login process in the past, but previously, this has relied on using the biometric security to autofill previously stored passwords into websites. Once set up, WebAuthn can be used to bypass the password process, meaning its not vulnerable to the same kinds of attacks that can make passwords insecure.

Apple, which joined the FIDO Alliance earlier this year, joins a growing list of companies that are throwing their weight behind the FIDO2 standard. As well as the Google initiatives detailed above, Microsoft announced plans to make Windows 10 password-less last year, and it started allowing users to sign into its accounts in its Edge browser using security keys and its biometric Windows Hello security feature back in 2018.

See the rest here:
Safari to support password-less logins via Face ID and Touch ID later this year - The Verge

This well versed report is thoughtfully crafted to arm report readers with convincing market insights on the mettle of all aforementioned factors that propel relentless growth despite significant bottlenecks in the Quantum Cryptography Solutions Market.

This recent research compilation on the Quantum Cryptography Solutions market presents a deep analytical review and a concise presentation of ongoing market trends that collectively inculcate a strong influence on the growth trajectory of the aforementioned Quantum Cryptography Solutions market.

This study covers following key players:ID QuantiqueMagiQ TechnologiesQuantum XCQubitekkQuintessenceLabs

Request a sample of this report @ https://www.orbismarketreports.com/sample-request/92546?utm_source=Pooja

This illustrative research report on the Quantum Cryptography Solutions market is an all-in-one, ready to use handbook of market dynamics that upon mindful inference lends valuable insights on market developments, growth trajectory, dominant trends as well as technological sophistication as well as segment expansion and competition spectrum that have a strong bearing on the growth probabilities of the Quantum Cryptography Solutions market. The report is so designed as to direct concrete headways in identifying and deciphering each of the market dimensions to evaluate logical derivatives which have the potential to set the growth course in the aforementioned Quantum Cryptography Solutions market.

This high-end research comprehension on the Quantum Cryptography Solutions market renders major impetus on detailed growth facets, in terms of product section, payment and transaction platforms, further incorporating service portfolio, applications, as well as a specific compilation on technological interventions that facilitate ideal growth potential of the market.

Access Complete Report @ https://www.orbismarketreports.com/global-quantum-cryptography-solutions-market-growth-analysis-by-trends-and-forecast-2019-2025utm_source=Pooja

Market segment by Type, the product can be split into NetworkApplication Security

Market segment by Application, split into G&PDefenseBFSITelecom

Besides presenting notable insights on market factors comprising above determinants, this specific, innately crafted research report offering further in its subsequent sections states information on regional segmentation, as well as thoughtful perspectives on specific understanding comprising region-specific developments as well as leading market players objectives to trigger maximum revenue generation and profits. This particular section of the Quantum Cryptography Solutions market report specifically stresses upon various indigenous tactical discretion that eventually contributed towards soliciting heralding market consolidation, impeccable stability and sustainable revenue pools, the ultimate touchstone to judge the potency of the Quantum Cryptography Solutions market.

The report further unveils pertinent details about segment contribution in coining ample revenue flow, sustainability and long term growth in global Quantum Cryptography Solutions market. A thorough knowledge base of market facets remains integral and indispensable to decode Quantum Cryptography Solutions market prognosis.

Some Major TOC Points:1 Report Overview2 Global Growth Trends3 Market Share by Key Players4 Breakdown Data by Type and ApplicationContinued

In addition to all of the above stated inputs, discussed at length in the report, the report sheds tangible light on dynamic segmentation based on which the market has been systematically split into prominent segments inclusive of type, end use technology, as well as region specific diversification of the Quantum Cryptography Solutions market to encourage highly remunerative business discretion. The report sheds light on the particular segment that sets revenue maximization, rolling, thus incurring steady growth in revenues and contributing towards steady sustenance of the Quantum Cryptography Solutions market.

For Enquiry before buying report @ https://www.orbismarketreports.com/enquiry-before-buying/92546?utm_source=Pooja

About Us : With unfailing market gauging skills, has been excelling in curating tailored business intelligence data across industry verticals. Constantly thriving to expand our skill development, our strength lies in dedicated intellectuals with dynamic problem solving intent, ever willing to mold boundaries to scale heights in market interpretation.

Contact Us : Hector CostelloSenior Manager Client Engagements4144N Central Expressway,Suite 600, Dallas,Texas 75204, U.S.A.Phone No.: USA: +1 (972)-362-8199 | IND: +91 895 659 5155

Go here to read the rest:
Global Quantum Cryptography Solutions Market is accounted for xx USD million in 2019 and is expected to reach xx USD million by 2025 growing at a CAGR...

A recent report published by QMI on quantum cryptography market is a detailed assessment of the most important market dynamics. After carrying out thorough research of quantum cryptography market historical as well as current growth parameters, business expectations for growth are obtained with utmost precision. The study identifies specific and important factors affecting the market for quantum cryptography during the forecast period. It can enable companies investing in quantum cryptography market to change their production and marketing strategies in order to envisage maximum growth.

Get Sample Copy of This Report @https://www.quincemarketinsights.com/request-sample-62405?utm_source=Pooja/PF

According to the report, thequantum cryptography market has been segmented, by component (solutions and services), by services (consulting and advisory, deployment and integration, and support and maintenance), by security type (network and application security), by vertical (government and defense, bfsi, retail, healthcare, automotive, others).

Insights about regional distribution of market:

The market has been segmented in major regions to understand the global development and demand patterns of this market.

For quantum cryptography market, the segments by region are for North America, Asia Pacific, Western Europe, Eastern Europe, Middle East, and Rest of the World. During the forecast period, North America, Asia Pacific and Western Europe are expected to be major regions on the quantum cryptography market.

North America and Western Europe have been one of the key regions with technological advancements in ICT, electronics & semiconductor sector. Factors like the use of advanced technology and presence of global companies to cater the potential end users are favourable for the growth of quantum cryptography market.Also, most of the leading companies have headquarters in these regions.

Company profiled in this report based on Business overview, Financial data, Product landscape,Strategic outlook & SWOT analysis:

Make an Inquiry for purchasing this Report @https://www.quincemarketinsights.com/enquiry-before-buying/enquiry-before-buying-62405?utm_source=Pooja/PF

Asia Pacific is estimated to be one of the fastest growing markets for quantum cryptography market. Major countries in the Asia Pacific region are China, Japan, South Korea, India and Australia. These economies in the APAC region are major contributors in the ICT, electronics & semiconductor sector. In addition to this, government initiatives to promote technological advancement in this region are also one of the key factors to the growth of quantum cryptography market. Middle East and rest of the World are estimated to be emerging regions for quantum cryptography market.

Market Segmentation:

ByComponent:

Solution and Services

ByServices:

Consulting and Advisory

Deployment and Integration

Support and Maintenance

By Security Type:

Network and Application Security

ByVertical:

Government and defense

BFSI

Retail

Healthcare

Automotive

Others

By Region:

North America

North America, by Country

US

Canada

Mexico

North America, by Component

North America, by Services

North America, by Security Type

North America, by Vertical

Western Europe

Western Europe, by Country

Germany

UK

France

Italy

Spain

The Netherlands

Rest of Western Europe

Western Europe, by Component

Western Europe, by Services

Western Europe, by Security Type

Western Europe, byVertical

Asia Pacific

Asia Pacific, by Country

China

India

Japan

South Korea

Australia

Indonesia

Rest of Asia Pacific

Asia Pacific, by Component

Asia Pacific, by Services

Asia Pacific, by Security Type

Asia Pacific, byVertical

Eastern Europe

Eastern Europe, by Country

Russia

Turkey

Rest of Eastern Europe

Eastern Europe, by Component

Eastern Europe, by Services

Eastern Europe, by Security Type

Eastern Europe, byVertical

Middle East

Middle East, by Country

UAE

Saudi Arabia

Qatar

Iran

Rest of Middle East

Middle East, by Component

Middle East, by Services

Middle East, by Security Type

Middle East, byVertical

Rest of the World

Rest of the World, by Country

South America

Africa

Rest of the World, by Component

Rest of the World, by Services

Rest of the World, by Security Type

Rest of the World, byVertical

Objectives of this report:

Reasons to Buy This Report:

Customization:

This study is customized to meet your specific requirements:

Contact UsQuince Market InsightsAjay D. (Knowledge Partner)Office No- A109,Pune, Maharashtra 411028Phone: +91 706 672 5858/+1 208 405 2835/+91 706 672 4848Email:[emailprotected]Web:www.quincemarketinsights.com

ABOUT US:QMI has the most comprehensive collection of market research products and services available on the web. We deliver reports from virtually all major publications and refresh our list regularly to provide you with immediate online access to the worlds most extensive and up-to-date archive of professional insights into global markets, companies, goods, and patterns.

Here is the original post:
Quantum Cryptography Market Analysis Growth Opportunities and Demand Drives by 2016 to 2028 - Owned

Tel Aviv University's online cybersecurity course - free and already viewed by users in 150 countries - has taken the top spot in the world among the online courses available in the field.

Launched in December 2019 by Prof. Avishai Wool and Dan Gittik with the help of the Israeli company Checkpoint, the online course "Unlocking Information Security," reached number one in six months.

Illustration

(Photo: Shutterstock)

It also came in first place in cryptography courses and sixth among 1,750 online computer courses, surpassing renowned courses from universities such as Stanford and Princeton, according to a statement from Tel Aviv University.

"Students around the world are looking for the most current and relevant courses," said Yuval Shraibman, director of TAU Online, the Center for Educational Innovation at Tel Aviv University.

"To our great joy, Israel is considered a leading power in the field of cybersecurity, and this new course, therefore, attracts many young people who want to train in information security."

The field of information security is growing rapidly and there is a great demand for employees with knowledge in the field.

Illustration

(Photo: Reuters)

Many companies seek formal training from employees who wish to move into the cybersecurity field.

The course provides its students with an in-depth understanding of key topics in the field, such as cryptography, security of identification systems, attacks and defenses on the internet, and familiarity with viruses and other malware.

The ranking was done by the Class Central website, which coordinates assessments of online university training platforms around the world.

Originally posted here:
Tel Aviv University's online cybersecurity course ranked first in the world - Ynetnews

As part of our mission to make security, privacy, and freedom accessible to all, we maintain two open source cryptography libraries that make it easier for developers to apply strong encryption in their projects. We have been the maintainers of OpenPGP.js since 2016 and GopenPGP since 2019, meaning we are responsible for ensuring these repositories are up-to-date, secure, and accessible.

It is also important that these encryption systems are interoperable i.e., that they can interact with other cryptographic libraries. The more interoperable libraries are, the more widely they can be used.

Thats why today were pleased to announce that we integrated our cryptography libraries into the OpenPGP interoperability test suite. This suite, maintained by the Sequoia PGP team, makes it easier and faster to run compatibility tests between different open source encryption libraries and share the results of those tests. Developers can use this suite to ensure their encrypted apps are compatible with encrypted services that use different implementations of OpenPGP.

This portion is rather technical; however, the important thing to take away is that our encryption team added a specific interface that is shared between different types of OpenPGP software. Even if these other OpenPGP implementations are written in different programming languages, this shared command-line interface lets developers test them together.

To integrate our libraries into the test suite, we implemented the Stateless OpenPGP (sop) command line interface for OpenPGP.js (sop-openpgp-js, expanding on the work by Sequoia) and GopenPGP (gosop). We released both implementations under open source licenses.

The standardized sop interface provides a common ground for testing the compatibility between OpenPGP implementations written in several languages, such as Rust, Python, and C++. The results of these tests show that there is good interoperability between OpenPGP.js, GopenPGP, and the other tested libraries, with widespread support for strong cipher suites, elliptic-curve cryptography, and authenticated ciphers. This analysis exposed a few minor interoperability bugs as well, which we have since fixed.

We are big advocates for open source. As physicists and scientists, we appreciate that open source forces you to show your work. That is why we made all user-facing Proton apps, both for ProtonMail and ProtonVPN, open source and have published all the results of third-party security audits. By taking these steps, any security researcher can verify our code.

We also believe in decentralization and open collaboration, which open source fosters. We have even worked with members of the Proton community on our Linux command line tool for ProtonVPN.

Adding our libraries to the interoperability test suite is a great initiative to drive the OpenPGP protocol forward. It is now even easier for other privacy-focused software and app developers to incorporate strong encryption into their projects. The more apps that are encrypted, the more private data will be protected.

You can get a free secure email account from ProtonMail here.

We also provide a free VPN service to protect your privacy.ProtonMail and ProtonVPN are funded by community contributions. If you would like to support our development efforts, you can upgrade to a paid plan. Thank you for your support.

The post OpenPGP.js and GopenPGP are easier to test with other encryption suites appeared first on ProtonMail Blog.

Recent Articles By Author

*** This is a Security Bloggers Network syndicated blog from ProtonMail Blog authored by ProtonMail Blog. Read the original post at: https://protonmail.com/blog/openpgp-test-suite/

More here:
OpenPGP.js and GopenPGP are easier to test with other encryption suites - Security Boulevard