Stablecoin and other digital assets are falsely framed as a choice between personal privacy and national security. We can have both. – MarketWatch

As the world grapples with the rise of transferable digital assets from central-bank digital currencies (CBDCs) to stablecoins an oft-repeated concept is that national security and law enforcement will be in conflict with individual privacy.

This belief is based on the idea that we have only two choices: either reveal individual identities so that governments can track and trace potentially illicit digital transactions, or preserve individual privacy and severely jeopardize law enforcement interests. This binary concept is on track to inform policy, regulation and product development that could permanently impact the evolution of digital assets, computing systems, and finance.

It is a false choice, and one we should not accept.

The stakes are admittedly high when it comes both to law enforcement and individual privacy. We cannot and should not accept a future digital landscape where terrorists and criminals abuse the system. Nor can we accept a world where individuals sacrifice their right to privacy by exposing, en masse, economic and personal details to commercial or governmental actors.

Todays system of applying anti-money-laundering (AML) and know-your-customer (KYC) requirements is predicated on individuals turning over sensitive personally identifiable information (PII), which is susceptible to hackers and potential invasions of privacy by public and private sector entities. This cache of information, which includes full names, addresses, birthdates, Social Security numbers, business partners and more, is repeatedly disclosed to different institutions making each of them a holder of exceptionally sensitive data that cannot be put back in the bottle once exposed.

Fortunately, recent years has brought a range of privacy-enhancing techniques (PETs) that may create an ideal arrangement. At their core, these techniques are focused on being able to confirm certain critical information about an individual engaging in a transaction (for example, that the individual isnt on a terrorist watchlist), without revealing PII about that individual. Promising areas include zero-knowledge proofs, homomorphic encryption and multi-party computation, which generally enable parties to prove that an encrypted proposition is true without revealing the underlying information.

For example, cryptographic techniques can prove that someone is over 21 years old, rather than showing a drivers license that reveals personal information such as a home address. A zero-knowledge proof can keep such information encrypted, but perform a computation to verify that the encrypted birthdate is on or before the threshold date 21 years prior.

Likewise, cryptography can allow portable credentials that prove, rather than disclose, key elements, such as what trusted entity has conducted customer due diligence, what elements of information were checked, including sanctions lists, and more. This approach can drive expanded opportunities for people to access financial services through digital wallets faster and more broadly, including for economic impact payments and other emergency services. It will also safeguard and secure underlying personal information, which will no longer be as vulnerable to exposure from hacks. PII would only be revealed upon other risk factors justifying it, subject to legal protections.

The privacy technology frontier has meaningful implications for U.S. policy.

First, and most importantly, it is critical that policymakers develop policy based on where technology is headed rather than where it has been. When automobiles first emerged in England, an old law dubbed the Red Flag Act required self-propelled vehicles (previously, only steam-powered locomotives) to be led at walking pace by someone waving a red flag. The New York Times aptly pointed out in 1895 that it served to destroy the usefulness of a horseless carriage.

We should similarly not build rules imposing traditional identity disclosure requirements akin to a mechanic walking alongside a vehicle with a red flag just because we believe it is the only way to satisfy key objectives. Programs including FinCENs PET-dedicated Innovation Hours Program that focus on the important role of privacy-preserving principles in developing technical solutions is an example of forward-leaning approaches that need to be replicated across government to ensure we have rules that incorporate technological advances.

Just as traffic laws, signals, and road signs were a better alternative to people carrying around red flags, privacy-protecting zero-knowledge proofs are a better alternative to people broadly sharing their PII.

Safely ensuring privacy for the digital economy will be a core global competitive advantage.

Second, the U.S. should be pursuing massive investment into public-private research efforts aimed at developing the worlds most advanced privacy-enhancing tools. Safely ensuring privacy for the digital economy will be a core global competitive advantage. It can attract global consumers to adopt American platforms and solutions as they aim to preserve their privacy in the face of increasing surveillance and exploitation efforts, including major nation-state cyber attacks and pervasive global attacks on journalists.

Such collaborative efforts would also embed American norms and values into our digital infrastructure in stark contrast to global competitors. The U.S. decided long ago that although encryption (and the Fourth Amendment) makes it more difficult for the government to monitor activity, that security provides critical protection from anti-democratic authoritarians and attackers. Breaches are significantly less severe if the system comprehensively encrypts (or declines to collect) data from the beginning. Advances in PETs allows for that protection while securely and privately verifying and computing, rather than exposing, data. The choice is not binary.

Some progress is being made. The White Houseissued a comprehensiveExecutive Orderon broader digital asset policy a few monthsago, and agencies are currently putting out requests for more information. For example, the U.S.Treasury Department recently issued a request for comment. There are also a number ofCBDC-related billsthat focus on privacy.

When applied to digital-asset innovations, including development of a digital U.S. dollar, PETs will solve one of the larger perceived policy barriers: having to make a binary choice between privacy and security, when in fact, privacy is a necessary part of security and our democracy. The boundless energy of American ingenuity has been unlocked when people feel secure from exploitation. Advances in cryptography can help ensure personal and democratic resilience with more mathematical certainty and dynamic opportunity than the politically-contingent, binary (and false) trade-offs that are being presented.

Daniel Gorfine is former chief innovation officer of the U.S. Commodity Futures Trading Commission, co-founder of the non-profit Digital Dollar Project, and founder of Gattaca Horizons LLC.

Michael Mosier is former acting director of the U.S. Treasurys Financial Crimes Enforcement Network (FinCEN), former deputy chief of the U.S. Department of Justices Money Laundering & Asset Recovery Section, and is currently general counsel at Espresso Systems.

More: The long-awaited U.S. data-privacy bill appears to be on track, again

Also read: Ro Khanna: Tech-funding bill is not just about jobs its about a new patriotism

See the rest here:
Stablecoin and other digital assets are falsely framed as a choice between personal privacy and national security. We can have both. - MarketWatch

Ethereum Merge Explained: Why It Matters For Everyone – CNET

The Ethereum Merge is significant, and not just for people who own crypto. In the works in one form or another since 2014, the long-delayed Merge will see the second biggest blockchain reduce its carbon emissions by an enormous amount. If the Merge is successful, ethereum's electricity requirements will fall by over 99%.

That is of huge consequence. Cryptocurrency critics argue that coins like bitcoin and ether are useless and consume enormous amounts of electricity. The first point is polarizing and subjective, butthe second is unequivocally true. In an era when more people than ever view climate change mitigation as society's highest priority, the carbon emissions of bitcoin and ethereum are too conspicuous to ignore.

In the Merge, ethereum will adopt a system known as proof of stake, which has been planned since before the blockchain's creation in 2014. Because of its technical complexity, and the increasingly large amount of money at risk, it has been delayed multiple times. The Merge is part of what in the past was called "ether 2.0," a series of upgrades that reshape the blockchain's foundations. Mid-September is the goal deadline.

"We've been working on proof of stake for about seven years now," ethereum co-creator Vitalik Buterin said at the Eth Shanghai conference in March, "but finally all of that work is coming together."

Here's everything you need to know to make sense of the big day.

To understand the Merge, you first need to understand the role of cryptocurrency miners.

Say you wanted to mine cryptocurrency. You'd set up a powerful computer -- a mining rig -- to run software that attempts to solve complex cryptographic puzzles. Your rig competes with hundreds of thousands of miners around the world trying to solve the same puzzle. If your computer unscrambles the cryptography first, you win the right to "validate" a block -- that is, add new data to the blockchain. Doing so gives you a reward: Bitcoin miners get 6.25 bitcoin ($129,000) for every block they verify, while ethereum miners get 2 ether ($2,400) plus gas, which are the fees users pay on each transaction (which can be huge).

It takes a powerful computer to have a chance in this race, and people typically set up warehouses full of rigs for this purpose. This system is called "proof of work," and it's how both bitcoin and ethereum blockchains run. The point is that it allows the blockchain to be decentralized and secure at the same time.

"It's what's called the civil resistance mechanism," said Jon Charbonneau, an analyst at Delphi Digital. Every blockchain needs to run on a scarce resource, Charbonneau explained, one that bad actors can't monopolize. For proof-of-work blockchains, that resource is power in the form of the electricity required to run a mining operation.

To overtake ethereum right now, a bad actor would need to control 51% of the network's power. The network is made up of hundreds of thousands of computers around the world, meaning bad guys would need to control 51% of the power in this vast mining pool. Doing so would cost billions of dollars.

The system is secure. Though scams and hacks are common in crypto, neither the bitcoin nor ethereum blockchains themselves have been compromised in the past. The downside, however, is obvious. As cryptographic puzzles become more complicated and more miners compete to solve them, energy expenditure soars.

Lots and lots. Bitcoin is estimated to consume about 150 terawatt hours a year, which is more electricity than 45 million people in Argentina use. Ethereum is closer to Switzerland's 9 million citizens, eating up about 62 million terawatt hours.

Much of that energy comes from renewable sources. About 57% of the energy used to mine bitcoin comes from renewable sources, according to the Bitcoin Mining Council. (BMC relies on self reporting among its members.) This is motivated not by climate conscientiousness but self interest: Renewable energy is cheap, so mining operations are often set up near wind, solar or hydro farms.

Still, the carbon footprint is extensive. Ethereum is estimated to emit carbon dioxide at a similar scale to Denmark.

The Merge will see ethereum completely shed proof of work, the energy-intensive system it currently uses, in favor of proof of stake.

In crypto land, "staking" refers to depositing cryptocurrency to yield interest. For instance, the creators of the terraUSD stablecoin offered customers 19% interest on staked TerraUSD: You could put in $10,000 and take out $11,900 after a year (until it imploded).

When proof of stake comes into effect, miners will no longer have to solve cryptographic puzzles to verify new blocks. Instead, they'll deposit ether tokens into a pool. Imagine each of these tokens is a lottery ticket: If your token number is called, you win the right to verify the next block and earn the rewards that entails.

It's still an expensive enterprise. Prospective block verifiers who will be known as "validators" instead of miners need to stake a minimum of 32 ether ($48,500) to be eligible. This system sees punters put up raw capital, rather than power, to validate blocks. Whereas a bad actor needs 51% of a network's power to overrun a proof-of-work system, they'd need 51% of the total staked ether to overrun the proof-of-stake system.

Since cryptographic puzzles will no longer be part of the system, electricity expenditure will go down an estimated 99.65%, according to the Ethereum Foundation.

Ethereum will transition from proof of work to proof of stake through a merging of two blockchains.

The ethereum blockchain that people use is known as "mainnet," as distinguished from various "testnet" blockchains that are used only by developers. In December 2020, ethereum developers created a new network called the beacon chain. The beacon chain is essentially the new ethereum.

The beacon chain is a proof-of-stake chain that's been chugging along in isolation since its creation 18 months ago. Validators have been adding blocks to the chain, but these blocks have contained no data or transactions. In essence, it's been put under various stress tests ahead of the big day.

The Merge will see the data held on ethereum's mainnet transferred to the beacon chain, which will then become the prime blockchain on ethereum's network. In the run-up to the Merge, ethereum developers have been stress testing the new blockchain by running data and transactions through it on various ethereum testnets.

"If you talk to the ethereum developers, and I have, they would tell you that if proof-of-work mining got banned overnight, they could do the Merge right now and it'd be fine," Charbonneau said. Much of the ironing out developers are currently focused on pertains to applications and clients built on top of ethereum, he added, not the proof-of-stake execution itself. "If they did the Merge today, it would be buggy for a few months ... but the protocol itself, there's no worries [among the developers]."

Absolutely. Critics of ethereum -- typically bitcoin enthusiasts -- compare the merge to changing the engine of an airplane in the middle of a passenger flight. At stake is not just the airplane, but the $183 billion worth of ether in circulation.

On a technical level, there could be many unforeseen bugs with the new blockchain. Solana, another proof-of-stake blockchain, has suffered several complete outages this year. Solana and ethereum differ in that solana's fees are minuscule, which means it's easier for bots to overwhelm the blockchain, but technical difficulties aren't out of the question.

Critics also wonder whether proof of stake will be as secure as proof of work. Charbonneau reckons it could be safer because of a function called "slashing" in essence, validators can have their staked ether burned, and their network access revoked, if they're found to have acted maliciously.

"Say someone 51% attacks bitcoin today, you can't really do anything," Charbonneau said. "They have all the miners and they could just keep attacking you. With proof of stake, it's really simple. If you attack the network, it's provable and we just slash you, and then your money's gone."

"You get one bullet, and then that's it. Then you can't do it again."

Ether is down about 60% since the beginning of the year, and many are hoping the Merge will revive its price. This has been a hotly debated topic within crypto circles in recent months, and no one knows for sure what the Merge will do the ether's price.

There are two primary reasons people predict ether's price will skyrocket following the Merge. First is the idea that ethereum fractioning its carbon footprint will make it easier for big companies to both invest in ether and create ethereum applications.

"The reality is, if you take the environmental caring part away, there are a lot of people who are not going to use it [ethereum] and not want to invest in it just based on ESG reasons," Charbonneau said, referring to environmental, social and corporate governance standards for ethical investing. "There are a lot of tech companies that have openly said, 'we are not going to do anything until after the Merge.'"

The second argument people make is a little more technical. Mining ethereum is costly; as electricity prices have gone up and crypto prices have gone down, even successful mining operations have begun to see red. To offset costs, miners typically sell most of the cryptocurrency they earn from mining. That creates millions of dollars of sell pressure each day as miners offload their ether. Once ethereum is proof of stake, miners (or "validators" as they'll be called) won't have to sell all the ether they earn, since validating blocks is so much cheaper than mining them via proof of work cryptography.

Others argue, however, that the Merge is already priced in. It's been in the works for seven years and many big-time investors, the argument goes, have put money on ethereum with the expectation that the Merge would be successful.

The Merge is expected to happen in September. In a recent conference call among ethereum developers, the Ethereum Foundation's Tim Beiko put Sept. 19 as a tentative date.

"This merge timeline isn't final, but it's extremely exciting to see it coming together," another developer tweeted. "Please regard this as a planning timeline."

The announcement did see the price of ether go up considerably, to $1,600. That's far from its $4,800 high, but encouraging news for ethereum enthusiasts in a cold cryptocurrency winter.

Original post:
Ethereum Merge Explained: Why It Matters For Everyone - CNET

With FIDO2, is a passwordless future on the horizon? – The Stack

Everyone hates passwords. They were useful when fewer websites existed, but now that our digital footprint has increased dramatically the average person manages as many as 100 passwords online passwords are now more of a risk than a solution, writes Reza Zaheri, Chief Information Security Officer, Quantum Metric.

To address the issues surrounding passwords, we must move beyond them altogether. Indeed, the wheels have been in motion for over a decade, with new solutions coming to the market in earnest. But its only in recent months that joint support from tech giants like Google, Apple and Microsoft has reached a tipping point, paving the way to a passwordless future.

Research by Google revealed that 52% of people reuse the same password for multiple accounts, and theyre often easy to remember, exacerbating the risk of hackers guessing them. Solutions like single sign-on and password managers are available, but these are underutilised by many, whether thats for reasons of trust, availability, or lack of knowledge.

Most breaches also involve a stolen password or credential, despite this, passwords are still popular. They are familiar, theyre easy to set up and usable on any platform. People who arent tech-savvy understand them, and if a password is stolen, one can simply create a new one.

Theres been a recent shift towards a passwordless future with multi-factor authentication (MFA) using biometrics like a face scan or fingerprint, a security key, or a text message with a code. Despite augmenting security (Microsoft claims MFA can block over 99.9% of account compromise attacks) many people either dont know how to use it, or theyre averse to the technology. And for those who do use MFA, the experience isnt necessarily seamless it often involves the extra steps of plugging in a security key, or copying / pasting a text message code. So, people revert to easy and often weak passwords.

The solution seems to lie with a partnership between FIDO (Fast IDentity Online) Alliance, and the World Wide Web Consortium (W3C).

Together, theyve developed FIDO2, an open global authentication standard designed to eliminate the use of passwords altogether, using Web Authentication (WebAuthn) and Client-to-Authenticator Protocol (CTAP) as their core components.

In May 2022, Apple, Google and Microsoft announced game-changing commitments to support the FIDO2 passwordless sign-in standard. And this year, all of the major browsers, platforms and operating systems Apple, Windows, Android. iOS, macOS, Chrome, Firefox, Safari, Edge will support FIDO2.

Lets say you want to log in to a website or app that offers FIDO2 authentication. Instead of using a password, your smartphone will serve as your identity authenticator, by storing a passkey credential created using military-grade public/private key cryptography.

For each website or app, a unique passkey pair is generated. Stored in a secure device enclave and synced to the cloud, the private key never leaves the local device and cant be stolen. Meanwhile, the public key is sent to the online service and linked to the users account. To log in, youll receive a prompt from the website or app, to unlock your phone via biometrics or passcode. By doing so, your phone will sign a specific challenge with your private key, thereby authenticating you and your device to the service.

And if you lose your phone? Your passkeys are always securely backed up into the cloud, and should sync to any new device you own.

Using robust public-key cryptography, FIDO2 is uber-secure and phishing-resistant. The passkey process is end-to-end encrypted, so hackers cannot intercept them. Because the private passkey will never leave the associated device, a hacker can never masquerade as you.

On top of that, its interoperable. Even if youre logging in with an iPhone, a Windows laptop, and a Chrome browser, FIDO2 will use Bluetooth to seamlessly communicate between different devices, and ultimately reduce any friction in the authentication process.

By eliminating passwords altogether, there is no need to reset or remember any passwords, and nothing to steal. Moreover, a passkey isnt sent unless the website or app is real, meaning fraudsters cant set up fake sites and use social engineering to steal credentials. As a result, credential stuffing, password guessing and phishing also become a thing of the past.

Furthermore, FIDO2 is both operating system and platform-agnostic, so theres no need to install extra apps, thus making it easier for mass adoption. Given that the three biggest tech giants are behind the standard, theres a good chance itll be ubiquitous in the near future.

The benefits are clear, but FIDO2 also raises some important questions, such as, who owns the passkeys?

Purely as an example: if youre an Apple user and your passkeys are backed up to iCloud, what happens if Apple disables access to your account? Will that leave you unable to log in to specific websites and apps? That leaves a vast amount of power in the hands of these tech behemoths. Remember: whoever controls your passkeys essentially controls your identity.

As it currently stands, passkeys will tie you to the likes of Google, Microsoft, and Apple even more than you already are, begging the question: do you trust them enough when it comes to privacy and security? Indeed, for FIDO2 to be a truly open standard, every tech company must be on board, not just the three.

Other questions remain unanswered, too. For instance, how easy will it be to switch passkeys across operating systems or platforms? And what if youre sleeping and someone uses your device to scan your face; does that give them access to your passkeys, and thus every other aspect of your life? And what happens if a hacker steals your phone? As such, your phones security and access becomes even more crucial the nature of PIN codes will likely become longer, and biometrics will also become even more sensitive and discerning.

Although a passwordless future is heading our way, it will take time to incorporate FIDO2 technology. To facilitate that, it needs to work out of the box, and be seamless, intuitive and transparent.

To that end, developers should not need to completely rewrite their applications and websites to make them FIDO2-capable, instead embedding a front-end module/plugin offered by identity providers like Google and Microsoft. However, antiquated systems may find it hard to incorporate FIDO2. As a result, a hybrid approach is highly likely, where legacy passwords still exist for such systems, and passkeys are slowly introduced into newer systems.

Because FIDO2 is a cultural paradigm shift as much as it is a technological change, user education is vital. Forty-plus years of passwords is a massive legacy to overcome. Companies will need to spend time and money raising awareness, so the general public can trust the new technology, any fears can be allayed around passwordless logins all in simple laymans terms.

Following the joint announcement by the three tech giants to support passwordless FIDO2, Apple has already stated they will make it available to the masses in September, when their new operating system is released; Google and Microsoft should also follow suit by the end of the year.

Were on the right trajectory towards secure, and easy passkey sign-ins across devices and platforms. But a passwordless reality wont happen overnight it will take some time until all are onboard.

Read more here:
With FIDO2, is a passwordless future on the horizon? - The Stack

House approves Mace’s bill upgrading government IT cryptography – Ripon Advance

The U.S. House of Representatives on July 12 passed bipartisan legislation introduced by U.S. Rep. Mace (R-SC) that would encourage the migration of federal government information technology systems to quantum-resistant cryptography.

The Quantum Computing Cybersecurity Preparedness Act, H.R. 7535, which Rep. Mace cosponsored on April 18 with bill sponsor U.S. Rep. Ro Khanna (D-CA), advanced to the U.S. Senate on July 13 and was referred to the U.S. Senate Homeland Security and Governmental Affairs Committee for consideration.

Quantum computing is the next frontier in technology; it will take our civilization forward in leaps and bounds. In many ways, it will turn our conventional understanding of computing on its head, said Rep. Mace. But like all great leaps in technology, there are those that will use it for sinister and nefarious reasons.

Rep. Mace said that H.R. 7535 instructs the federal government to take the necessary steps to protect our nations sensitive information from those who wish to do us harm using this emerging technology.

If enacted, H.R. 7535 would require the Office of Management and Budget (OMB), in consultation with the Chief Information Officers Council, to prioritize the migration to post-quantum cryptography and to assess critical systems one year after National Institute of Standards and Technology (NIST) standards are issued, according to a bill summary provided by the lawmakers.

Additionally, the measure would instruct the OMB director to report to Congress on a strategy to address this risk, any required funding and an analysis on current efforts. The report would be due one year after the bill becomes law, the summary says.

OMB also would be directed to provide a yearly report to Congress on the progress of the federal government in transitioning to post-quantum cryptography. The first report would be due one year after the NIST standards are released.

I hope that the Senate will swiftly take up the bill and deliver it to the presidents desk, said Rep. Khanna.

Read the original here:
House approves Mace's bill upgrading government IT cryptography - Ripon Advance

How Maine’s members of Congress voted last week – Press Herald

Along with last weeks roll call votes, the House also passed the Quantum Computing Cybersecurity Preparedness Act (H.R. 7535), to encourage the migration of federal government information technology systems to quantum-resistant cryptography.

HOUSE VOTES

CARIBBEAN TIES: The House has passed a resolution (H. Res. 1168), sponsored by Del. Stacey E. Plaskett, D-V.I., stating the need to strengthen U.S. economic partnerships with Caribbean countries. Plaskett said the partnerships support budding democracies at our doorstep and create mutually beneficial economic stability with our neighbors. The vote, on July 12, was 351 yeas to 64 nays.

YEAS: Chellie Pingree, D-1st District; Jared Golden, D-2nd District

FEDERAL WORKER BENEFITS: The House has passed the First Responder Fair Return for Employees on Their Initial Retirement Earned Act (H.R. 521), sponsored by Rep. Gerald E. Connolly, D-Va. The bill would keep federal government workers classified as first responders for the purposes of receiving retirement benefits if those workers are disabled on the job and then move to non-first responder jobs within the federal government. Connolly said: We want to incentivize our first responders to continue their service to this nation. We shouldnt punish them for injuries they sustained protecting us. The vote, on July 12, was unanimous with 417 yeas.

YEAS: Pingree, Golden

CYBERSECURITY TRAINING: The House has passed the National Computer Forensics Institute Reauthorization Act (H.R. 7174), sponsored by Rep. Elissa Slotkin, D-Mich. The bill would reauthorize, through 2032, the U.S. Secret Services National Computer Forensics Institute, which trains state and local law enforcement agencies in addressing cybersecurity and electronic crime. The vote, on July 13, was 410 yeas to 16 nays.

YEAS: Pingree, Golden

FENTANYL EXPOSURES: The House has passed the Prevent Exposure to Narcotics and Toxics Act (H.R. 5274), sponsored by Rep. David P. Joyce, R-Ohio, to require the Customs and Border Protection agency to distribute containment devices to its workers to prevent their exposure to fentanyl. Joyce called the requirement a simple but necessary extension of the tools we provide those who defend our borders and help them do their jobs safely. The vote, on July 13, was unanimous with 429 yeas.

YEAS: Pingree, Golden

ACTIVE SHOOTER ALERTS: The House has passed the Active Shooter Alert Act (H.R. 6538), sponsored by Rep. David N. Cicilline, D-R.I. The bill would establish an Active Shooter Alert Communications Network at the Justice Department, and have the network make plans for sending alerts about active shooters by working with local and state governments. Cicilline said the network will provide access to an important tool for law enforcement departments across the country, regardless of their size or location. An opponent, Rep. Jim Jordan, R-Ohio, said state and local governments already had adequate alert systems, and called the bill another failed attempt by Democrats to do something about the surge in violence and crime across the country. The vote, on July 13, was 260 yeas to 169 nays.

YEAS: Pingree, Golden

VETERANS AND TOXINS: The House has passed the Sergeant First Class Heath Robinson Honoring our Promise to Address Comprehensive Toxics Act (S. 3373), sponsored by Sen. Tim Kaine, D-Va., to increase medical benefits and treatments for military veterans who were exposed to toxins in Iraq and Afghanistan. A bill supporter, Rep. Mike Bost, R-Ill., said it will help millions of veterans, servicemembers, survivors, and military families. The vote, on July 13, was 342 yeas to 88 nays.

YEAS: Pingree, Golden

MILITARY COMMISSIONS: The House has passed an amendment sponsored by Rep. Adam Schiff, D-Calif., to the National Defense Authorization Act (H.R. 7900), that would require the Defense Department to publish on the Internet the proceedings of military commissions. Schiff said the requirement would show the American people that we believe they have the right to observe military commission proceedings, including those against the individuals who planned the 9/11 attacks. An opponent, Rep. Mike Rogers, R-Ala., said: Letting hardened terrorists know there is a public audience for their hate will do far more harm than good. The vote, on July 13, was 218 yeas to 207 nays.

YEAS: Pingree, Golden

CONTRACTOR LABOR PRACTICES: The House has passed an amendment sponsored by Rep. Mondaire Jones, D-N.Y., to the National Defense Authorization Act (H.R. 7900), that would bar the Defense Department from awarding contracts to employers found to have recently engaged in unfair labor practices. Jones said taxpayer dollars should go to companies that are helping to build and strengthen our country, not tear it down. An opponent, Rep. Rick Allen, R-Ga., said: This flawed blacklisting amendment will threaten federal contractors due process rights because a federal contractor could be prohibited from DOD contracts before a charge has been fully adjudicated. The vote, on July 13, was 221 yeas to 207 nays.

YEAS: Pingree, Golden

MILITARY LABOR STANDARDS: The House has passed an amendment sponsored by Rep. Janice Schakowsky, D-Ill., to the National Defense Authorization Act (H.R. 7900), that would give preferential treatment to potential Defense Department contractors who meet certain labor relations standards. Schakowsky said the amendment was needed to prevent contractors from harassing workers. An opponent, Rep. Rick Allen, R-Ga., said that by favoring contractors who have signed neutrality agreements with workers who might unionize, the amendment would stifle employee free choice and prohibit employers from communicating with their employees about the downsides of union representation. The vote, on July 13, was 220 yeas to 209 nays.

YEAS: Pingree, Golden

MILITARY CONTRACTING: The House has passed an amendment sponsored by Rep. Andy Kim, D-N.J., to the National Defense Authorization Act (H.R. 7900), that would give preferential treatment to potential Defense Department construction contractors with a majority of their employees living near the planned construction project. Kim said the preferential treatment will help small businesses and highly skilled workers in the building trades access new opportunities and unlock the local economic potential of military bases across the country. An opponent, Rep. Michael Waltz, R-Fla., said it would increase time and money to an already difficult, lengthy, and often slow military construction process. The vote, on July 13, was 220 yeas to 207 nays.

YEAS: Pingree, Golden

MILITARY HARASSMENT CLAIMS: The House has passed an amendment sponsored by Rep. Veronica Escobar, D-Texas, to the National Defense Authorization Act (H.R. 7900), that would require the military to complete its reviews of harassment and discrimination complaints within 6 months. Escobar said the time limit was needed because our servicemembers lack many of the protections and privileges that their civilian counterparts have when it comes to discrimination and harassment. An opponent, Rep. Mike Rogers, R-Ala., said that by overturning current military procedures for reviewing complaints, this amendment creates an existential threat to the good order and discipline of the military. The vote, on July 13, was 219 yeas to 209 nays.

YEAS: Pingree, Golden

MILITARY HARM TO CIVILIANS: The House has passed an amendment sponsored by Rep. Ro Khanna, D-Calif., to the National Defense Authorization Act (H.R. 7900), that would authorize up to $5 million of annual spending on programs to mitigate civilian harm from military actions. Khanna said the funding would help make sure we have the resources to track and report and minimize civilian casualties. An opponent, Rep. Mike Rogers, R-Ala., said it diverts critical dollars needed to ensure the readiness of our servicemembers to fulfill unnecessary paperwork requirements. The vote, on July 13, was 215 yeas to 212 nays.

YEAS: Pingree, Golden

NUCLEAR TESTS: The House has passed an amendment sponsored by Rep. Bill Foster, D-Ill., to the National Defense Authorization Act (H.R. 7900), that would end limits on funding for the Preparatory Commission for the Comprehensive Nuclear Test-Ban Treaty Organization. Foster said of the need for increased funding: We must continue our efforts to reduce the threat of nuclear weapons and continue longstanding commitments to our allies. An opponent, Rep. Doug Lamborn, R-Colo., said: This amendment would require American taxpayers to provide money to an organization for a treaty the United States is not even a party to. The vote, on July 13, was 216 yeas to 209 nays.

YEAS: Pingree, Golden

D.C. NATIONAL GUARD: The House has passed an amendment sponsored by Del. Eleanor Holmes Norton, D-D.C., to the National Defense Authorization Act (H.R. 7900), that would give the mayor of Washington, D.C., authority over the Districts National Guard equal to authority the governors of the 50 states have over their National Guards. Norton said currently, presidential control over the D.C. National Guard creates a loophole in the Posse Comitatus Act which limits the militarys involvement in civil law enforcement. An opponent, Rep. Andrew Clyde, R-Ga., said: The D.C. mayor must not have equal authorities as governors of states and territories have over their National Guards because the D.C. mayor is not a governor. The vote, on July 13, was 218 yeas to 209 nays.

YEAS: Pingree

NAYS: Golden

WHITE SUPREMACY: The House has passed an amendment sponsored by Rep. Bradley Scott Schneider, D-Ill., to the National Defense Authorization Act (H.R. 7900), that would require the Federal Bureau of Investigation, Homeland Security Department, and Defense Department to oppose white supremacist and neo-Nazi activity by agency employees. Schneider said: Extremism is a threat to us in all segments of society. There is no reason to believe that our military is any different. An opponent, Rep. Andy Biggs, R-Ariz., said: This amendment denigrates our men and women in the service. It is Orwellian in nature. The vote, on July 13, was 218 yeas to 208 nays.

YEAS: Pingree, Golden

DOMESTIC TERRORISM: The House has passed an amendment sponsored by Rep. Kathleen Rice, D-N.Y., to the National Defense Authorization Act (H.R. 7900), that would require the Federal Bureau of Investigation and Homeland Security Department to send Congress a report on processes needed to improve their reports on domestic terrorism threats. Rice said the report would ensure that we give our agencies the tools they need to give us the best intelligence and information. An opponent, Rep. Andy Biggs, R-Ariz., said the amendment would enable the Biden administration to use existing counterterrorism resources as a tool to target and silence citizens who disagree with government actions. The vote, on July 13, was 220 yeas to 205 nays.

YEAS: Pingree, Golden

POSSE COMITATUS: The House has passed an amendment sponsored by Rep. Adam Schiff, D-Calif., to the National Defense Authorization Act (H.R. 7900), that would bar the use, in legal proceedings, of evidence obtained by military members in violation of the Posse Comitatus Act, which governs the involvement of the military in domestic law enforcement activities. Schiff said the measure would prevent any president of either party from unlawfully using the military as a domestic police force, and it would ensure that evidence obtained because of unlawful acts isnt used against any American. An opponent, Rep. Andy Biggs, R-Ariz., raised concerns about the possible disuse of evidence regarding immigration law if members of the military were lawfully used for assistance at the border with Mexico. The vote, on July 14, was 215 yeas to 213 nays.

YEAS: Pingree

NAYS: Golden

MILITARY SPENDING: The House has passed the National Defense Authorization Act (H.R. 7900), sponsored by Rep. Adam Smith, D-Wash., to authorize $850 billion of fiscal 2023 spending at the Defense Department and military construction programs, and prescribe military personnel levels for the year. Smith said of the need for the bill: The men and women who serve must have the tools and the support from us that they need to do that job. The vote, on July 14, was 329 yeas to 101 nays.

YEAS: Pingree, Golden

5G NETWORKS: The House has passed the Promoting United States International Leadership in 5G Act (H.R. 1934), sponsored by Rep. Michael T. McCaul, R-Texas, to require the president to form an interagency government working group for supporting U.S. 5th generation (5G) mobile telecommunications systems. A supporter, Rep. Young Kim, R-Calif., said: This bill will help ensure that the United States is doing all we can to stop Russian and Chinese malign influence taking control of the worlds 5G networks. The vote, on July 14, was 405 yeas to 20 nays.

YEAS: Pingree, Golden

SUDAN COUP: The House has passed a resolution (H. Con. Res. 59), sponsored by Rep. Gregory W. Meeks, D-N.Y., condemning last Octobers military coup in Sudan and calling for the restoration of the countrys constitutional leaders. The vote, on July 14, was 417 yeas to 7 nays.

YEAS: Pingree, Golden

VETERANS RECORDS: The House has passed the Access for Veterans to Records Act (H.R. 7337), sponsored by Rep. Carolyn B. Maloney, D-N.Y., to require the U.S. Office of the Archivist to send Congress a plan for ways to reduce the backlog of processing veterans requests for National Personnel Records Center documents, and authorize $60 million of spending on that effort. Maloney said the current backlog of about 500 thousand records requests has left veterans and their families struggling as they wait to receive material needed to access housing, healthcare, and other government services. The vote, on July 14, was 406 yeas to 21 nays.

YEAS: Pingree, Golden

SENATE VOTES

MILITARY READINESS: The Senate has confirmed the nomination of Ashish Vazirani to be the Defense Departments Deputy Under Secretary for Personnel and Readiness. Vazirani, a longtime management consultant and former naval officer, is a senior official at the A2O Strategies business consultancy, and previously was CEO of the National Military Family Association. The vote, on July 12, was 73 yeas to 21 nays.

YEAS: Susan Collins, R-Maine; Angus King, I-Maine

BATF DIRECTOR: The Senate has confirmed the nomination of Steven M. Dettelbach to be head of the Bureau of Alcohol, Tobacco, Firearms, and Explosives. Dettelbach was a U.S. attorney in Ohio for most of the Obama administration and, since 2016, has been a partner at the BakerHostetler law firm. A supporter, Sen. Sherrod Brown, D-Ohio, called Dettelbach a career prosecutor with decades of experience fighting crime, religion-motivated violence, gun trafficking, and he is a proven consensus-builder with bipartisan support. The vote, on July 12, was 48 yeas to 46 nays.

YEAS: Collins, King

FEDERAL RESERVE BOARD: The Senate has confirmed the nomination of Michael Barr to be a member of the Federal Reserves board of governors for a 14-year term ending in 2032. Barr, an assistant secretary at the Treasury Department during part of the Obama administration, has since been a finance and public policy professor at the University of Michigan. A supporter, Sen. Sherrod Brown, D-Ohio, said Barr has worked for a quarter century to make our financial system safer and fairer. The vote, on July 13, was 66 yeas to 28 nays. Barr was then confirmed, in a separate 66-28 vote, to also be the boards vice chairman for supervision for a four-year term.

YEAS: Collins, King

EXPORT-IMPORT BANK: The Senate has confirmed the nomination of Owen Herrnstadt to be a member of the board of the U.S. Export-Import Bank. Herrnstadt, currently an executive at the International Association of Machinists and Aerospace Workers union, is also an employment and labor law professor at Georgetown University, and was formerly a Federal Reserve official. A supporter, Sen. Sherrod Brown, D-Ohio, praised Herrnsatdt as a 30-year-long labor activist, fighting for workers. The vote, on July 13, was 51 yeas to 44 nays.

YEAS: Collins, King

CIA GENERAL COUNSEL: The Senate has confirmed the nomination of Kate Heinzelman to be the Central Intelligence Agencys general counsel. Currently a senior aide in the attorney generals office, Heinzelman had been a partner at a Washington, D.C., law firm, and a legal official in the Obama administration in various roles. The vote, on July 14, was 50 yeas to 41 nays.

YEAS: Collins, King

Previous

Read the rest here:
How Maine's members of Congress voted last week - Press Herald

Ethereum Merge: How Crypto’s Carbon Footprint Is About to Shrink – CNET

Whether you own cryptocurrency or not, the Ethereum Merge is a big deal. In the works since 2014, the long-delayed Merge will see ethereum, the second-biggest blockchain behind bitcoin, become nearly carbon neutral.

That is of huge consequence. Cryptocurrency critics argue that coins like bitcoin and ether are useless and use enormous amounts of electricity. The first point is polarizing and subjective, butthe second is unequivocally true. In an era when more people than ever view climate change mitigation as society's No. 1 priority, the carbon emissions of bitcoin and ethereum are too conspicuous to ignore.

In the Merge, ethereum will adopt a system known as proof of stake, which has been planned since before the blockchain's creation in 2014. Because of its technical complexity, and the increasingly large amount of money at risk, it has been delayed multiple times. The Merge is part of what in the past was called "ether 2.0," a series of upgrades that reshape the blockchain's foundations. Mid-September is the goal deadline.

"We've been working on proof of stake for about seven years now," Ethereum co-creator Vitalik Buterin said at the Eth Shanghai conference in March, "but finally all of that work is coming together."

Here's everything you need to know to make sense of the big day.

To understand the Merge, you first need to understand the role of cryptocurrency miners.

Say you wanted to mine cryptocurrency. You'd set up a powerful computer -- a mining rig -- to run software that attempts to solve complex cryptographic puzzles. Your rig competes with hundreds of thousands of miners around the world trying to solve the same puzzle. If your computer unscrambles the cryptography first, you win the right to "validate" a block that is, add new data to the blockchain. Doing so gives you a reward: Bitcoin miners get 6.25 bitcoin ($129,000) for every block they verify, while ethereum miners get 2 ether ($2,400) plus gas, which are the fees users pay on each transaction (which can be huge).

It takes a powerful computer to have a chance in this race, and people typically set up warehouses full of rigs for this purpose. This system is called "proof of work," and it's how both bitcoin and ethereum blockchains run. The point is that it allows the blockchain to be decentralized and secure at the same time.

"It's what's called the civil resistance mechanism," said Jon Charbonneau, an analyst at Delphi Digital. Every blockchain needs to run on a scarce resource, Charbonneau explained, one that bad actors can't monopolize. For proof-of-work blockchains, that resource is power in the form of the electricity required to run a mining operation.

To overtake ethereum right now, a bad actor would need to control 51% of the network's power. The network is made up of hundreds of thousands of computers around the world, meaning bad guys would need to control 51% of the power in this vast mining pool. Doing so would cost billions of dollars.

The system is secure. Though scams and hacks are common in crypto, neither the bitcoin nor ethereum blockchains themselves have been compromised in the past. The downside, however, is obvious. As cryptographic puzzles become more complicated and more miners compete to solve them, energy expenditure soars.

Lots and lots. Bitcoin is estimated to consume about 150 terawatt hours a year, which is more electricity than 45 million people in Argentina use. Ethereum is closer to Switzerland's 9 million citizens, eating up about 62 million terawatt hours.

Much of that energy comes from renewable sources. About 57% of the energy used to mine bitcoin comes from renewable sources, according to the Bitcoin Mining Council. (BMC relies on self reporting among its members.) This is motivated not by climate conscientiousness but self interest: Renewable energy is cheap, so mining operations are often set up near wind, solar or hydro farms.

Still, the carbon footprint is extensive. Ethereum is estimated to emit carbon dioxide at a similar scale to Denmark.

The Merge will see ethereum completely shed proof of work, the energy-intensive system it currently uses, in favor of proof of stake.

In crypto land, "staking" refers to depositing cryptocurrency to yield interest. For instance, the creators of the terraUSD stablecoin offered customers 19% interest on staked TerraUSD: You could put in $10,000 and take out $11,900 after a year (until it imploded).

When proof of stake comes into effect, miners will no longer have to solve cryptographic puzzles to verify new blocks. Instead, they'll deposit ether tokens into a pool. Imagine each of these tokens is a lottery ticket: If your token number is called, you win the right to verify the next block and earn the rewards that entails.

It's still an expensive enterprise. Prospective block verifiers who will be known as "validators" instead of miners need to stake a minimum of 32 ether ($38,500) to be eligible. This system sees punters put up raw capital, rather than power, to validate blocks. Whereas a bad actor needs 51% of a network's power to overrun a proof-of-work system, they'd need 51% of the total staked ether to overrun the proof-of-stake system.

Since cryptographic puzzles will no longer be part of the system, electricity expenditure will go down an estimated 99.65%, according to the Ethereum Foundation.

The way in which ethereum will transition from proof of work to proof of stake will be achieved through a merging of two blockchains.

The ethereum blockchain that people use is known as "mainnet," as distinguished from various "testnet" blockchains that are used only by developers. In December 2020, Ethereum developers created a new network called the beacon chain. The beacon chain is essentially the new ethereum.

The beacon chain is a proof-of-stake chain that has been chugging along in isolation since its creation 18 months ago. Validators have been adding blocks to the chain, but these blocks have contained no data or transactions. In essence, it's been put under various stress tests ahead of the big day.

The Merge will see the data held on Ethereum's mainnet transferred to the beacon chain, which will then become the prime blockchain on ethereum's network. In the run-up to the Merge, ethereum developers have been stress testing the new blockchain by running data and transactions through it on various ethereum testnets.

"If you talk to the ethereum developers, and I have, they would tell you that if proof-of-work mining got banned overnight, they could do the Merge right now and it'd be fine," Charbonneau said. Much of the ironing out developers are currently focused on pertains to applications and clients built on top of ethereum, he added, not the proof-of-stake execution itself. "If they did the Merge today, it would be buggy for a few months ... but the protocol itself, there's no worries [among the developers]."

Absolutely. Critics of ethereum typically bitcoin enthusiasts compare the merge to changing the engine of an airplane in the middle of a passenger flight. At stake is not just the airplane, but the $140 billion worth of ether in circulation.

On a technical level, there could be many unforeseen bugs with the new blockchain. Solana, another proof-of-stake blockchain, has suffered several complete outages this year. Solana and ethereum differ in that solana's fees are minuscule, which means it's easier for bots to overwhelm the blockchain, but technical difficulties aren't out of the question.

Critics also wonder whether proof of stake will be as secure as proof of work. Charbonneau reckons it could be safer because of a function called "slashing" in essence, validators can have their staked ether burned, and their network access revoked, if they're found to have acted maliciously.

"Say someone 51% attacks bitcoin today, you can't really do anything," Charbonneau said. "They have all the miners and they could just keep attacking you. With proof of stake, it's really simple. If you attack the network, it's provable and we just slash you, and then your money's gone."

"You get one bullet, and then that's it. Then you can't do it again."

Ether is down nearly 70% since the beginning of the year, and many are hoping that the Merge will revive the cryptocurrency's price. This has been a hotly debated topic within crypto circles in recent months. The answer is that no one knows.

Many argue that the Merge is already priced in; it's been in the works for seven years and many big-time investors, the argument goes, have put money on ethereum with the expectation that the Merge would be successful. More important than how the Merge impacts ether's price in the short term is how it shapes the cryptocurrency's long-term prospects.

Charbonneau said that reducing ethereum's carbon footprint out of environmental concerns is "definitely a meaningful part" of ethereum developers' motivations for the Merge. But beyond that, he notes, it's also about making ethereum adoption easier for big companies to justify.

"The reality is, if you take the environmental caring part away, there are a lot of people who are not going to use it [ethereum] and not want to invest in it just based on ESG reasons," Charbonneau said, referring to environmental, social and corporate governance standards for ethical investing. "There are a lot of tech companies that have openly said, 'we are not going to do anything until after the Merge.'"

The Merge is expected to happen in September. In a recent conference call among ethereum developers, the Ethereum Foundation's Tim Beiko put Sept. 19 as a tentative date.

"This merge timeline isn't final, but it's extremely exciting to see it coming together," another developer tweeted. "Please regard this as a planning timeline."

Continued here:
Ethereum Merge: How Crypto's Carbon Footprint Is About to Shrink - CNET

The Birth Of Crypto And Bitcoin, Per Elcryptodoc – News Ghana

While many refer to 2009 in the creation of Bitcoin as the birth of crypto, the origins of this technology go way back. Cryptocurrencies and specifically Bitcoin were built on top of decades of technological innovations and envisioning. Its only thanks to several mathematical and computer science breakthroughs of the 70s and 80s, several brilliant minds that laid the foundation of cryptocurrencies. The basics of encryption were developed in the late 70s and early 80s. The first concepts of cryptographic currencies came in during the 1990s. In 2009 Satoshi Nakamoto created Bitcoin by putting together the most interesting innovations in an ingenious new way and thats how he created the Blockchain.

Satoshi Nakamoto

Since the existence of Bitcoin, the question still remains who Satoshi Nakamoto really is. Truth is, nobody knows. There are a lot of potential candidates but what we at Elcryptodoc really think, is that its a collective of math geniuses and cryptography legends who understood that to create a truly decentralized and revolutionary new currency, they needed to remain anonymous. One of the biggest gifts that Satoshi ever gave to the world was remaining anonymous because as we know every single individual or group of people can be made to look flawed but a powerful idea, well.. that can remain perfect forever. Experts at Elcryptodoc says that Satoshi Nakamoto can be a person or a group, its not even known if he or they are still alive because Satoshis crypto wallet, his personal coins were mined at the very beginning of the bitcoin network and they have never been touched. As of today Satoshi based on the holding what it is in that wallet is one of the richest people on this earth.

Born in the financial crisis

In the financial crisis in 2008 the first Bitcoin whitepaper came out by Satoshi Nakamoto. There is even a message inscribed in one of the first blocks of Bitcoin that makes a reference to the global financial crisis. Thats how we know for sure that Satoshi was inspired by this collapse of mainstream finance to create the powerful innovation that we now know as bitcoin.During and after the financial crisis, when the government began to print insane amounts of money, the rise of crypto has been unstoppable since.Thats why experts at Elcryptodoc believes, that the more money governments are continuing to print, the harder the Crypto market will continue to grow.

Decentralized

Bitcoin is a decentralized digital currency without a central bank or a single administrator. Fundamentally what this means is that nobody is in control and can make a decision in printing more bitcoin so to speak. It also means that anybody can access the administration from any computer in the world. You dont even need Bitcoin to run a Bitcoin node or access the network. The whole beauty of this is that anyone has access to the same code around the world and that code prevents anyone from corrupting the system.

Trust code over humans, because code can be incorruptible as long as it is build right, like bitcoin, says Elcryptodoc.

Read the rest here:
The Birth Of Crypto And Bitcoin, Per Elcryptodoc - News Ghana

Lift The Veil On RSA With This RSA Calculator – Hackaday

Encryption algorithms can be intimidating to approach, whats with all the math involved. However, once you start digging into them, you can break the math apart into smaller steps, and get a feel of what goes into encryption being the modern-day magic we take for granted. Today, [Henry Schmale] writes to us about his small contribution to making cryptography easier to understand lifting the veil on the RSA asymmetric encryption technique through an RSA calculator.

With [Henry]s calculator, you can only encrypt and decrypt a single integer, but youre able to view each individual step of an RSA calculation as you do so. If you want to understand what makes RSA and other similar algorithms tick, this site is an excellent starting point. Now, this is not something you should use when roll your crypto implementations as cryptographers say in unison, writing your own crypto from scratch is extremely inadvisable. [Henry] does say that this calculator could be useful for CTF players, for instance, but its also undeniably an accessible learning tool for any hacker out there wishing to understand what goes on under the wraps of the libraries we use.

In modern day, cryptography is instrumental to protecting our freedoms, and its a joy to see people work towards explaining the algorithms used. The cryptography tools we use day-to-day are also highly valuable targets for governments and intelligence agencies, willing to go to great lengths to subvert our communication security so its even more important that we get acquianted with the tools that protect us. After all, it only takes a piece of paper to encrypt your communications with someone.

Read the original here:
Lift The Veil On RSA With This RSA Calculator - Hackaday

Welcome to the Quantum Age – 6 Things You Need to Know About Quantum Computing – JD Supra

Quantum computing has the potential to drive economic growth and promote innovation across a range of industries such as manufacturing, supply chain optimization and logistics, molecular simulations and pharmaceuticals, machine learning, and finance. With a sustained influx of private and government investment and scientific advancements, quantum computing has moved rapidly towards the commercial market. For certain currently intractable problems, quantum computers will have a transformative effect, providing answers exponentially faster than a classical computer.

However, alongside this potential, quantum computing poses an existential threat to certain current forms of cryptography and thus the security of our data.

We have outlined the 6 things you need to know about quantum computing, from its use cases to the hazards it poses to cybersecurity, and how to prepare for the quantum age.

1. The Quantum Computing Industry is Growing

In December 2018, former President Trump signed the National Quantum Initiative Act (the NQI). The NQI called for a coordinated Federal program to accelerate quantum research and development for the economic and national security of the United States and allocated $1.2 billion to advance quantum technologies.

Spurred by recent scientific breakthroughs and extensive government support across agencies, national labs, and partnerships across government, academia, and the private sector, the quantum market is on the rise. According to McKinsey, funding of start-ups focused on quantum technologies (which also encompass quantum sensing and quantum networking) more than doubledfrom $700 million in 2020 to $1.4 billion in 2021. The share of investments in quantum coming from private-capital entities now accounts for more than 70 percent of investments. In total, quantum computing companies raised $3 billion by the end of 2021. In particular, four industriespharmaceuticals, chemicals, automotive, and financeare projected to be the first beneficiaries of quantum advantages, with the potential to capture nearly $700 billion in value as early as 2035. This increased funding suggests a growing confidence from the investment community in quantum computing.

While the possibility of huge long-term returns from quantum computing investments is clear, many companies and industries are already deriving value by mapping many of their high-value intractable problems onto hybrid quantum-classical algorithms being developed by quantum software companies. Companies that have already announced major quantum initiatives include Daimler, Volkswagen, Boeing, Airbus, Goldman Sachs, JPMorgan Chase, Wells Fargo and Merck. Additionally, prominent technology companies are also developing their own quantum capabilities - notably Alibaba, Amazon, IBM, Google, and Microsoft have launched commercial quantum computing cloud services.

2. Quantum Computing Poses a Real Threat to Cybersecurity

A quantum computer can factor prime numbers far more efficiently than a classical computer, thus allowing a requisitely large scale fault tolerant computer running what is known as Shors algorithm to break RSA encryption. The RSA cryptosystem is based on the complexity of prime number factorization for classical computers and is the building block of the current internet infrastructure used to secure most online communication and protect banking, health care, national security, trade secrets, and other vital digital information. As of April 2022, some 78% of all websites communicate relying on the secure version of the HTTP protocol, which is based on RSA encryption. Thus, the possibility of a quantum computer breaking RSA poses a significant threat to the public and private sectors information technology systems.

Although large scale fault tolerant quantum computers remain on the technological horizon as the hardware and software continue to develop, the cybersecurity risk is not just at the point when a quantum computer reaches the technological capacity to run Shors algorithm. Using what is known as harvest, decrypt later attacks, a hacker could obtain RSA-encrypted data now in a classic cyberattack and then decrypt that data in the future when large scale fault tolerant quantum computers are accessible. This is especially concerning for the financial and healthcare industries as unauthorized disclosure of sensitive financial and personal health information would impact consumers and patients at an unprecedented scale.

3. Solutions to Mitigate the Threat are Available

To address these threats while still promoting the overwhelmingly positive impacts that quantum technologies can have, on May 4, 2022, the White House released a national security memorandum (the NSM) outlining the Biden Administrations plan to address the cybersecurity risks posed by quantum technology. The NSM directs the National Institute of Standards and Technology (NIST) to come up with new algorithms (post-quantum algorithms) and standards through a "Migration to Post-Quantum Cryptography Project". NIST is currently engaged in a six-year effort to devise and assess encryption methods that could resist an attack from a future quantum computer.

On July 5, 2022, NIST announced four encryption algorithms that will become part of its post-quantum cryptographic standard, expected to be finalized in about two years at which point the public and private sector can fully implement them. The selection signals the beginning of the final stage of NISTs post-quantum cryptography standardization project, which will likely become an international reference for the industry. However, it is important to note that the final standards will likely constitute more than one algorithm for different use cases in the event one proves vulnerable. While the standards remain in development, NIST encourages IT professionals to explore the new algorithms and consider how their applications will implement them, while remaining flexible as the algorithms could change before the standard is finalized.

4. The Cybersecurity Threat is Likely to Have Legal Consequences

The advent of quantum computers will likely change the nature of what is considered appropriate cybersecurity or industry standard security practice under privacy laws, industry regulations, and commercial contracts. If organizations wait to invest in solutions to adequately protect their data until after a quantum hack, they put themselves at risk both of losing their data in the future and suffering reputational harm.

Regulations such as Articles 5 and 32 of the European Unions General Protection Regulation (GDPR) require personal data to be stored with appropriate security and protection against unauthorized users and to implement appropriate technical and organizational measures to ensure a level of security suitable to the risk. In addition, the California Consumer Privacy Act (CCPA) requires that a business utilize reasonable security in the context of personal information collected or processed for specific purposes. Meanwhile, industry-specific laws such as the Gramm-Leach-Bliley Act (GLBA) and the Health Insurance Portability and Accountability Act (HIPAA) include security rules and safeguard requirements to ensure that financial and health data respectively is adequately protected. However, due to the scale at which a quantum computer will likely be able to break current methods of encryption, appropriate protection against a ransomware or other classical cyberattack will likely look far different in the quantum age.

If an organization processes personal data protected under current encryption methods that arent quantum-proof, that may be seen by future regulators as failing to take appropriate security measures to protect personal data and could subject the organization to significant fines under the GDPR as well as the possibility for costly fines and regulatory settlements from the Federal Trade Commission (FTC), Consumer Financial Protection Bureau (CFPB), and state regulators. The risk of the immense amount of personal, financial, and other types of data that could be lost or otherwise compromised in a quantum-driven hack will increase the burden companies face in terms of what is an appropriate security measure. Over the coming years, as the NIST standards are finalized, we will likely see a push across the legislative and regulatory landscape to promote implementation of post-quantum algorithms with regulators looking for (i) privacy, cybersecurity, and IT policies to affirmatively address the quantum threat and detail what the company has done to mitigate it and (ii) physical updates to cryptography practices and IT stacks to fortify data, especially sensitive and personal information.

In April 2022, a bipartisan group of U.S. lawmakers introduced The Quantum Cybersecurity Preparedness Act (the Cybersecurity Act), which would ensure NISTs standards are implemented in all US Federal systems within a year after their release and require the Office of Management and Budget (OMB) to submit a report to Congress on what else is needed to protect quantum computers from hackers. This focus on protecting US government systems will likely spur further legislation and possible regulatory rules requiring similar post-quantum cryptographic standards be instituted across the private sector as well.

Quantum computers also threaten digital signatures, often used to verify identities in a digital transaction or sign documents remotely. While the NIST algorithms address this threat as well, organizations should understand that digital signatures must too be fortified to protect these vital instruments of modern commerce and limit the possibility of widespread identity theft, fraud, and forgery.

These wide-ranging downstream legal consequences must be considered and addressed by business leaders, lawyers, and technologists alike.

5. Quantum Technologies Can Promote Long-Term Cybersecurity

Though the quantum threat to cybersecurity is real with certain data potentially already at risk due to harvest now, decrypt later attacks, the technology must not be seen as the death nail to privacy and cybersecurity. Quantum technologies such as quantum random number generators and quantum key distribution (QKD) can both mitigate the cybersecurity risks posed by quantum computers and strengthen cybersecurity systems that better protect communications and data.

It is paramount to see quantum technologies both as a sword and a shield for cybersecurity. The time is now for organizations to begin the planning and implementation process for post-quantum cryptography while also exploring quantum-enhanced technologies to proactively defend against cyber threats in the quantum age. By taking an all of the above approach investing in different quantum and quantum-enhanced technologies to fortify IT stacks, addressing quantum mitigation measures in policies and programs, and by evaluating quantums pros and cons, organizations can proactively protect their data and limit regulatory scrutiny and legal liability without curbing innovation.

6. You Can Create a Quantum-Safe Organization Today

For organizations, the first steps are to identify vulnerable data and systems and prepare to institute NISTs post-quantum algorithms (and any other government standards regarding quantum cryptographic standards) once they are standardized. Organizations should undertake a quantum-readiness assessment that (i) classifies what data needs protecting and the length of time for which it must be protected and (ii) inventories the types of cryptography protecting critical data. With this information, organizations will be able to label which types of critical data are currently vulnerable to a theoretical quantum attack and can then make necessary plans and investments to ensure that data is adequately protected against both classical and quantum attacks.

Organizations that store financial records, medical records, national security documents, and other sensitive data for long periods of time should immediately consider building post-quantum cryptography into their IT budgets, policies, and strategic planning processes. Failure to start adopting a post-quantum cryptographic strategy could put all existing encrypted data assets at risk of exposure.

The key to protecting data in the quantum age is cryptographic agility which will allow the existing cryptography to be easily swapped out with NIST-approved post-quantum algorithms when they are announced as well as further developments in cryptography and in quantum technologies themselves. This will be a long-term transformation for IT systems akin to Y2K at a larger scale. Integrating an understanding of the quantum threat into policies and programs while also investing the time and resources to begin making systems quantum-safe will be the key to avoiding regulatory scrutiny, protecting sensitive information, and proving to clients, shareholders, and investors that an organization is ready for the quantum age.

Quantum technologies promise a massive impact. As investments and technological evolution continue to increase, organizations must come to terms with quantums vast promise alongside its risks. The cybersecurity danger posed by quantum computing is undeniable. However, rather than fearing quantum technologies, organizations can both seek to address currently intractable business problems via quantum-leveraged solutions and invest in the policy and IT infrastructure necessary to protect data from an attack via a quantum computer. Making this investment in resources now will be the first step in developing the next stage of cybersecurity to protect data long-term both from classical cyberattacks as well as future quantum attacks. Harnessing quantum technologies will be the key to economic growth and building stronger cyber defenses in this dawning age of the technological revolution.

View post:
Welcome to the Quantum Age - 6 Things You Need to Know About Quantum Computing - JD Supra

Post-Quantum Cryptography Market by Competitive Vendors in Top Regions and Countries, Development Trends, Threats, Opportunities and Forecast to 2028-…

Global Post-Quantum Cryptography Market by Product Types, By Application, By End-user industry Outlook, and By Geography (Asia-Pacific, North America, Europe, South America, and the Middle East & Africa), Segments and Forecasts from 2022-2028

The key data supplied in this Post-Quantum Cryptography market research report makes it simple to improve product offerings. Changing company practices is critical for achieving large profits, and this is feasible owing to the supply chain and value supplied here. The competitor strategy offered here for the forecast period 2022-2028 enables businesses to make key business decisions. The major facts and insights offered here assist in strategic planning and achieving corporate objectives. With the help of the main methodologies presented in this Post-Quantum Cryptography market study report, it becomes simple to discover and use trends. By implementing the substantial proof and clearer understanding here, industry players can achieve high levels of success in their businesses. The research paper provides an in-depth understanding of many sectors as well as specializations. It also helps major players come up with the greatest marketing strategies for their items to be profitable and diversify their product line. The Post-Quantum Cryptography market research analysis is important when it comes to the launch of new products or the certification of a brand.

Get a Full PDF Sample Copy of the Report: (Including Full TOC, List of Tables and Figures, and Chart) at https://www.eonmarketresearch.com/sample/92398

Scope of the Global Post-Quantum Cryptography Market

This Post-Quantum Cryptography market study explains the company objectives to help major companies avoid potential competitors. Setting a purpose and creating a strong strategic plan will undoubtedly assist businesses in overcoming challenges and adjusting their operations accordingly. Post-Quantum Cryptography market research easy-to-understand language succeeds in achieving the goal of assisting various important participants at various stages of the business by facilitating communication. It also explains the primary strategies, gives important information, suggestions, and conclusions, and clarifies the goals. This thorough yet effective Post-Quantum Cryptography market report grabs the readers attention by providing precise facts in easy-to-understand language. As a result, it achieves the goal of leaving a lasting imprint on the readers mind.

Inquiry Post-Quantum Cryptography Market Report at https://www.eonmarketresearch.com/enquiry/92398

Post-Quantum Cryptography Market Outlook

Impact of COVID-19 on the Global Post-Quantum Cryptography Market

This section of the Post-Quantum Cryptography market report discusses the worldwide impact of the covid epidemic on business. This report details the impact on manufacturing activities, production, demand, logistics management, and distribution channels. Researchers have identified the steps or strategies that corporations are employing to combat the impact of COVID-19. Theyve also identified exciting possibilities that will emerge after COVID-19. This will allow players to take advantage of opportunities to recoup losses and stabilize their operations.

Post-Quantum Cryptography Market Segmentation

Post-Quantum Cryptography Market Competitor Outlook, this report covers ID Quantique, SeQureNet, Quintessence Labs, MagiQ Technologies, Toshiba, QuantumCTek, Qasky, QudoorThe market environment for the Post-Quantum Cryptography market contains information on each manufacturer. Corporate governance, profitability, income generated, potential growth, r and d investments, emerging market proposals, international presence, production sites, and infrastructure, business strengths and limitations, public offering, clinical research infrastructure, concepts, product approvals, patent applications, merchandise width and breadth, software dominance, and innovation lifeline curve are among the information included. The information presented herein is only about the organizations concentration on the global Post-Quantum Cryptography market.

Click Here to Download Free Sample Report (Get Detailed Analysis in PDF 151 Pages)

Product Type Outlook (Revenue, USD Billion; 2022 2028) Lattice-based Cryptography, Multivariate Cryptography, Hash-based Cryptography, Code-based Cryptography

Application/ End-user Industry Outlook (Revenue, USD Billion; 2022 2028) Financial, Government, Military & Defense, Others

Region Outlook (Revenue, USD Billion; 2022 2028) North Americao USo Canadao Mexico Europeo Germanyo UKo Franceo Italyo Spaino Beneluxo Rest of Europe Asia Pacifico Chinao Indiao Japano South Koreao Rest of Asia Pacific Latin Americao Brazilo Rest of Latin America Middle East and Africao Saudi Arabiao UAEo South Africao Rest of Middle East & Africa

Objectives of the Post-Quantum Cryptography market research report:

To identify the various subsegments of the Post-Quantum Cryptography market to better understand its dynamics. Identifies describes, and analyses the volume of sales, value, market dominance, Post-Quantum Cryptography market competitive landscape, PESTEL analysis, and development strategies for the major worldwide Post-Quantum Cryptography producers over the next several years. To examine the individual growth trends, career outlook, and proportion to the entire market for the Post-Quantum Cryptography market. To disseminate a precise overview of the most important aspects impacting Post-Quantum Cryptography market growth (growth potential, opportunities, drivers, industry-specific challenges, and risks). Analyze commercial movements in the Post-Quantum Cryptography market, such as market expansions, partnerships, new product launches, and acquisitions. To develop a strategic analysis of the prominent stakeholders and a thorough analysis of their business expansion.

Reasons to buy the global Post-Quantum Cryptography market

This research identifies the region and market sector that is likely to expand the fastest and dominate the Post-Quantum Cryptography industry. Market analysis of Post-Quantum Cryptography by region, covering the consumption of the manufacturer in each country as well as the factors that influence the market within each region. The market environment includes the top players market rankings, as well as new service/product announcements, collaborations, company growth, and acquisitions made by the companies profiled in the previous five years. For the top Post-Quantum Cryptography market players, extensive company profiles with business overviews, company insights, product evaluations, and SWOT analyses are available. The companys present and future outlook in light of recent changes (which include both advanced and developing regions growth possibilities and drivers, as well as difficulties and restraints).

Browse Complete Post-Quantum Cryptography Market Report Details with Table of contents and list of tables athttps://www.eonmarketresearch.com/post-quantum-cryptography-market-92398

About: Eon Market Research (EMR) is a specialized market research, analytics, and solutions company, offering strategic and tactical support to clients for making well-informed business decisions. We are a team of dedicated and impassioned individuals, who believe strongly in giving our very best to what we do and we never back down from any challenge. Eon Market Research offers services such as data mining, information management, and revenue enhancement solutions and suggestions. We cater to industries, individuals, and organizations across the globe, and deliver our offerings in the shortest possible turnaround time.

Contact: 8345 NW 66th St Miami, Florida, Zip 33195 United States Email: [emailprotected]

Read more:
Post-Quantum Cryptography Market by Competitive Vendors in Top Regions and Countries, Development Trends, Threats, Opportunities and Forecast to 2028-...