Cryptography@The New York Times

Posted on March 7, 2017 by admin

SK Telecom, Nokia team on quantum cryptography – Telecom Asia

Posted on March 7, 2017 by admin

SK Telecom and Nokia have teamed up to conduct joint research and development in the field of quantum cryptography for network transport.

The operators are collaborating to achieve interworking between SK Telecom's Quantum Key Distribution System (QKD) and Nokias next-generation optical transport system by the second half of 2017.

The first prototype from the collaboration the Quantum Transport System was shown off at Nokia's booth at Mobile World Congress 2017 last week.

SK Telecom said quantum cryptography is expected to replace existing security mechanisms in all areas at risk of data hacking, including national defense, finance, autonomous vehicles and the IoT.

In line with this projection, SK Telecom and Nokia have also agreed to cooperate in the area of quantum random number generation, which will be required to apply quantum cryptography to IoT devices.

SK Telecom has developed a quantum random number generator within the world's smallest CMOS Image Sensor (CIS) based silicon, measuring just 5x5mm. The company expects to tape out engineering samples of the chip in the second quarter and commercially launch it by the end of the year.

Since opening Quantum Tech Lab in 2011, SK Telecom has been making constant efforts to develop quantum cryptography technologies, SK Telecom CEO Park Jung-ho said.

Based on the cooperation with Nokia, SK Telecom will create a new paradigm and ecosystem in the field of ICT.

See more here:
SK Telecom, Nokia team on quantum cryptography - Telecom Asia

D’Crypt to include Barco Silex IP for public key cryptography in cutting-edge communication chip – Design and Reuse (press release)

Posted on March 3, 2017 by admin

LouvainlaNeuve, Belgium March 2nd, 2017 Barco Silex, leading provider of security IP cores, has entered into an agreement with DCrypt Pte Ltd, Singapores premier design house for hardware cryptography solutions. Barco Silex will provide DCrypt with its BA414EP core for public key cryptography for inclusion in their FPGA solutions that will secure automotive car-to-infrastructure communication. DCrypt selected the IP because of its state-of-the-art capabilities, unrivaled size/performance ratio and ease of integration.

In wireless communication between e.g. IoT sensor infrastructure or vehicles where security or billable information are involved, the integrity of the communication channel is of utmost importance. But before the applications on both sides can set up such secure communication channel, they first have to exchange and authenticate cryptographic keys over an unsafe channel. This is widely done with public key cryptography, a secure protocol that is, however, compute intensive. As a solution to allow secure communication for all applications that need it, also those with restricted resources, Barco Silex has created an IP block (BA414EP) that allows offloading the computations involved in public key exchange and authentication completely to hardware. The unrivalled performance/size ratio of the BA414EP IP core allows for high performance signature generation and verification needed in DCrypts solutions.

Karen Chong, project manager at DCrypt, says the company selected Barco Silex IP because its footprint can be scaled exactly to our requirements while still retaining top-notch performance. DCrypt is designing, among other products, an automotive-grade FPGA platform that will sit at the heart of a car-to-X infrastructure. To allow for massive IoT-like deployments, such a platform has to be as small and energy-efficient as possible, but at the same time be 100% dependable and secure. That is the main reason we chose Barco Silex as a supplier, says Karen Chong, but we were also charmed by the ease of integration of the blocks and the professional support of the Barco Silex engineers.

The BA414EP block for asymmetric cryptography is part of Barco Silex library of cryptography IP cores, offering a solution for every security situation and level. But having a complete set of IP is only the beginning, says Sbastien Rabou, product manager cryptography at Barco Silex. Our customers can only be successful in this extremely competitive and rapidly changing landscape, if they can integrate our cryptographic IP without any delay and with minimal additional cost to achieve their time to market. Next to making our IP scalable, we also put a lot of effort in the ease of integration. And that choice is clearly appreciated by our partners such as DCrypt.

About Barco Silex

Barco Silex (Louvain-La-Neuve, Belgium) is a world leader in security IP cores and platforms, encryption and video processing, as well as in electronic design services (ASIC, FPGA, DSP, Board). Thanks to its continued stream of innovations, Barco Silex provides state-of-the-art security solutions, with security platforms and encryption cores that deliver unrivaled speed and performance in a very compact footprint. Barco Silex is a subsidiary of Barco (NYSE Euronext Brussels: BAR), the global leader in networked visualization products for the entertainment, enterprise and healthcare markets. For more information about Barco Silex: http://www.barco-silex.com

About DCrypt

DCrypt Pte. Ltd. (Singapore) is a high-value design and development house, delivering full-spectrum leading-edge cryptographic technology and components that form an integral part of its customer information security appliances, systems and applications. With its extensive technology development program, D'Crypt prides itself in being able to supply a variety of technologies in the field of information security, technologies that have immediate practical uses and are full-system secure. DCrypt helps its customers achieve first mover advantage. For more information about DCrypt: http://www.d-crypt.com

Product page: http://www.barco-silex.com/products/security/public-key-asymmetric/

More:
D'Crypt to include Barco Silex IP for public key cryptography in cutting-edge communication chip - Design and Reuse (press release)

Crypto Valley launch breathes life into blockchain and cryptography – Banking Technology

Posted on March 1, 2017 by admin

Switzerland-based Crypto Valley Association has launched as the nation looks to boost its blockchain and cryptographic ecosystem.

Headquartered in the Swiss canton of Zug, Crypto Valley is an independent, government-supported association which aims to foster the development of digital technologies in Switzerland and internationally. The association will support start-ups and established enterprises through policy recommendations, research projects; and by organising conferences, hackathons and other industry events.

Members include New York-based blockchain production studio ConsenSys, UBS, Oscars-ruining PwC, Thomson Reuters, financial services firm Luxoft, the canton of Zug, and Lucerne University of Applied Sciences and Arts.

Crypto Valley is led by president Oliver Bussmann, founder and managing partner of Bussmann Advisory and ex-CIO of UBS and SAP.

Bussmann says the association is not just promoting a region but also further strengthening Switzerlands position as a leading centre of innovation in this sector.

State of the nation

Switzerland has proven to be a hotbed of fintech activity.

Recently, Switzerlands Federal Council issued a consultation paper on amendments required to its Banking Act and Banking Ordinance, to create an environment that helps fintech start-ups thrive in the country.

The Monetary Authority of Singapore (MAS) and the Swiss Financial Market Supervisory Authority (FINMA) also signed an agreement to foster more fintech co-operation.

Read the original post:
Crypto Valley launch breathes life into blockchain and cryptography - Banking Technology

SK Telecom (SKM) and Nokia (NOK) Enter Cooperation Agreement for Quantum Cryptography – StreetInsider.com

Posted on February 28, 2017 by admin

Get instant alerts when news breaks on your stocks. Claim your 2-week free trial to StreetInsider Premium here.

SK Telecom (NYSE: SKM) today announced that it entered into an agreement with Nokia to cooperate in the quantum cryptography business.

Under the agreement, SK Telecom and Nokia will conduct joint research and development activities to achieve interworking between SK Telecom's Quantum Key Distribution System (QKD) and Nokia's next-generation optical transport system by the second half of this year.

SK Telecom and Nokia have been working together closely from 2016 for interoperation of SK Telecom's quantum technologies with Nokia's optical transport system. The first prototype of this collaboration, also known as Quantum Transport System, is being demonstrated at Nokia's booth (Hall 3, 3A10) during the 2017 GSMA Mobile World Congress.

The quantum cryptography communication is known as the most secure form of communication encryption that cannot be broken with any existing hacking technology. Quantum cryptography is expected to replace the existing security solutions in all areas at risk of data hacking, including national defense, finance, autonomous vehicle and the Internet of Things (IoT).

Under the agreement, the two companies will also cooperate in the area of Quantum Random Number Generator (QRNG), a technology necessary for applying quantum cryptography technologies to IoT devices.

SK Telecom's QRNG is the world's smallest 5x5mm CMOS Image Sensor (CIS) based all-in-one, single silicon (ASIC) providing non-deterministic true random numbers on demand from quantum-shot noise. SK Telecom plans to tape out engineering samples of QRNG chip (ASIC) in the second quarter of 2017 and commercial launch is planned by the year end. SK Telecom envisions using QRNG for Internet of "secure" Things (IoT).

"Since opening Quantum Tech Lab in 2011, SK Telecom has been making constant efforts to develop quantum cryptography technologies," said Park Jung-ho, CEO and President of SK Telecom. "Based on the cooperation with Nokia, SK Telecom will create a new paradigm and ecosystem in the field of ICT."

"With SK Telecom's quantum cryptography technologies, we have secured the basis for building the most secure network security solution," said Rajeev Suri, CEO of Nokia. "We will respond proactively to rapidly growing demands of the cyber security market with these technologies and solutions."

SK Telecom and Nokia Sign Cooperation Agreement for Quantum Cryptography – PR Newswire (press release)

Posted on February 27, 2017 by admin

Under the agreement, the two companies will also cooperate in the area of Quantum Random Number Generator (QRNG), a technology necessary for applying quantum cryptography technologies to IoT devices.

About SK Telecom

Established in 1984, SK Telecom is the largest mobile operator in Korea by both revenue and number of subscribers. As of December 2016, the company holds around 50 percent of the market, with 29.60 million mobile subscribers including 21.1 million LTE subscribers. It has reached KRW 17.092 trillion in revenue in 2016.

SK Telecom has led the advancement of mobile technologies ranging from 2G to 4G, and is currently setting important milestones in its journey to 5G. The company is not only leading innovation in the field of mobile network, but also providing IoT, media, home and platform services.

SK Telecom is determined to play a significant role in the Fourth Industrial Revolution by achieving innovations and promoting shared growth with other players in the industry.

For more information, please visit http://www.sktelecom.com/en or contact skt_press@sk.com.

To view the original version on PR Newswire, visit:http://www.prnewswire.com/news-releases/sk-telecom-and-nokia-sign-cooperation-agreement-for-quantum-cryptography-300413873.html

SOURCE SK Telecom

http://www.sktelecom.com

Original post:
SK Telecom and Nokia Sign Cooperation Agreement for Quantum Cryptography - PR Newswire (press release)

RSA 2017 and Google: Celebrating Cryptography | Fortune.com – Fortune

Posted on February 26, 2017 by admin

I had the pleasure of dining with a tableful of cryptographersthe true guests of honorat the RSA security conference in San Francisco last week.

As we noshed gnocchi at the Four Season's Hotel, I learned about the group's work. One researcher, Liron David, a PhD student at Tel-Aviv University, described an improved technique for recovering cryptographic keys from so-called side channel attacks. These attacks entail using weaknesses in the physical implementation of a system (like the sound, heat, and electromagnetic energy emitted by a whirring hard drive), as opposed to algorithmic flaws (like a faulty random number generator), for decipherment. Her method involved complex mathematics (which I will not attempt to muck up in the space allotted here).

Get Data Sheet , Fortune s technology newsletter, where this essay originated.

Another researcher, Peter Scholl, a cryptographer at the University of Bristol, detailed his work on "oblivious transfer." First developed in 1981, this privacy-protective mechanism allows one party, like a person or computer server, to relay information to another party without knowing exactly what has been sent. Imagine looking up a contacts phone number through a messaging service, like WhatsApp for example, without the company behind it (in this case Facebook ( fb ) ) knowing which information you sought. That extra privacy might be preferable under certain circumstances, Scholl said.

Cryptography is a vitally important, if opaque, sciencethe basis of our security in an increasingly digital world. A reminder of that arrived Thursday when researchers at Google ( goog ) and a Dutch research institute sounded what they hope to be the final death knell for a decades-old cryptographic algorithm called SHA-1. Suffice it to say that they achieved a featthe first "collision" of data supposedly secured by SHA-1which will have immediate ramifications for the way many businesses operate electronically. (The Wall Street Journal has an excellent summary of the impact here .)

For more on cybersecurity, watch:

Esoteric mathematics make the world hum, and the codebreakers deserve our praise.

Google’s Collision Shakes Up Computer Cryptography – PC Magazine

Posted on February 24, 2017 by admin

A cryptographic hash collision suggests the SHA-1 standardused to authenticate documentscan be hacked.

Google researchers have engineered an extremely rare and invisible collision, but they didn't need the Large Hadron Collider to do it.

That's because their collision isn't atomic, it's cryptographic: after years of trying, Google found a way to crack the SHA-1 cryptographic hash function, a security building block that enables digital signatures and HTTPS encryption.

Cracking SHA-1 requires creating a cryptographic hash collision, which is essentially when a single hash, or "digest" applies to two different files.

"A collision occurs when two distinct pieces of dataa document, a binary, or a website's certificatehash to the same digest," Google explained in a blog post. "In practice, collisions should never occur for secure hash functions. However if the hash algorithm has some flaws, as SHA-1 does, a well-funded attacker can craft a collision."

The danger of a collision is much the same as weak encryption: hackers could exploit it. In this case, they could use a collision to trick a system into accepting a malicious document or other file using the hash of a benign one.

Google's collision comes more than 20 years after SHA-1 was first introduced, and suggests that the standard isn't secure enough to handle sensitive information. To prove their collision, Google's researchers provided two PDFs that have identical SHA-1 hashes but different content.

"We hope that our practical attack against SHA-1 will finally convince the industry that it is urgent to move to safer alternatives such as SHA-256," Google wrote.

Other security experts agree: in light of Google's findings, password management company LastPass said it would be accelerating its retirement of SHA-1. LastPass, the Google Chrome browser, and much of the rest of the Internet is gradually moving to the SHA-256 encryption standard.

Tom is PCMag's San Francisco-based news reporter. He got his start in technology journalism by reviewing the latest hard drives, keyboards, and much more for PCMag's sister site, Computer Shopper. As a freelancer, he's written on topics as diverse as Borneo's rain forests, Middle Eastern airlines, and big data's role in presidential elections. A graduate of Middlebury College, Tom also has a master's journalism degree from New York University. Follow him on Twitter @branttom. More

Original post:
Google's Collision Shakes Up Computer Cryptography - PC Magazine

Blog: US Air Force Awards $875 Million for Cryptography and Information Assurance – Signal Magazine

Posted on February 24, 2017 by admin

General Dynamics Mission Systems, Scottsdale, Arizona (FA8307-17-D-0006); Harris Corp., Rochester, New York (FA8307-17-D-0007); L-3 Systems Corp., Camden, New Jersey (FA8307-17-D-0008); Leidos Inc., Columbia, Maryland (FA8307-17-D-0009); Raytheon, El Segundo, California (FA8307-17-D-0010); Sypris Electronics LLC, Tampa, Florida (FA8307-17-D-0011); and ViaSat Inc., Carlsbad, California (FA8307-17-D-0012) have been awarded a combined not-to-exceed $875 millionindefinite-delivery/indefinite-quantity contract. Contractors will provide total life cycle support of cryptographic and information assurance-related products and will include contracted activities during materiel solutions analysis; technology maturation and risk reduction; engineering; and manufacturing development, production and product support. Work will be performed primarily at each contractors location. The work is expected to be completed by December15, 2026.This award is the result of a competitive acquisition with seven offers received. Fiscal 2016 research, development, testand evaluation funds in the amount of $5,000 are being obligated to each company at the time of award. Air Force Life Cycle Management Center, Joint Base San AntonioLackland, Texas, is the contracting activity.

See the article here:
Blog: US Air Force Awards $875 Million for Cryptography and Information Assurance - Signal Magazine

SHA-1 crypto algorithm is dead by collision attack – CyberScoop

Posted on February 24, 2017 by admin

TheSHA-1 cryptographic hash functionis dead.

A24-year-old security mechanism still in wide use around the internet today, the NSA-developed cryptographic algorithm was finally proven to be broken this week by a team of Dutch cryptographers and Google researchers who published their work atshattered.io. The researchers showed how to collide two different files but come out with the same digital signature, showing once and for all that the SHA-1 algorithm suffers from fatal weaknesses and can no longer effectively be trusted as a cryptographic signature guaranteeing the veracity of files.

You can read the full research paper here. The attack, which took the equivalent of 110 years of single-GPU computations and 6,500 years of single-CPU computations, has never been spotted in the wild.

Although SHA-1 was officially deprecated by NIST in 2011, its still used widely in digital certificates, software management and encryption programs. Cryptographic algorithms are used as crucial bulwarks of security. When the MD5 algorithm was broken in 2010, nation-state attackers forged Microsofts signature and could then hijack Windows update impacting millions of users, making the infiltration of targeted networks a far more obtainable task.

In 2012, when the death of SHA-1 was still just a hypothetical, researchers warned of the consequences.

When it does happen, its going to be a disaster, because SHA1 is everywhere, Matthew Green, a cryptography professor at Johns Hopkins University, toldArs Technica. You could be Microsoft, you could be Google, if you were able to get an attack on SHA-1.

The cryptographer Bruce Schenier recommendedthat same year to begin migration away from SHA-1 as quickly as possible.

As of Friday, both Chrome and Firefox will automatically protectusers from insecure TLS/SSL certificates. Files sent in Gmail and Google Drive are already subject to testing against the attack.

The researchers point to safer alternatives, such as SHA-256 or SHA-3. Other experts suggest looking at speedier functions like Blake2. Whatever the choice, the lesson is clear: Change or be a soft target.

See the rest here:
SHA-1 crypto algorithm is dead by collision attack - CyberScoop