The new fibre optic cable will initially be used mostly for money transfers by ICBC. Photo: Bloomberg

China will soon have the world's most secure major computer network, making communications between Beijing and Shanghai impenetrable to hackers and giving it a decisive edge in its quiet cyberwar with the United States.

In two years' time, a fibre-optic cable between the two cities will transmit quantum encryption keys that can completely secure government, financial and military information from eavesdroppers.

"We learnt after the Edward Snowden affair that we are always being hacked," said Professor Pan Jianwei, a quantum physicist at the University of Science and Technology of China (USTC) in Hefei, who is leading the project. "Since most of the products we buy come from foreign companies, we wanted to accelerate our own programme," he added. "This is very urgent because classical encryption was not invented in China, so we want to develop our own technology."

The $110 million cable, which is being funded by the central government and has been supported by the Central Military Commission, will initially mostly be used for money transfers by ICBC, the world's largest bank.

Advertisement

However, Professor Pan said eventually all communications in China, down to storing photographs on cloud servers, could feature quantum encryption.

"Ten years ago it was not so easy to get sufficient funding to support theoretical research, but since 2006 and 2007 when the economy really went well, they have been putting more money into research and then it really sped up," he said.

Half an hour's drive away from Professor Pan's office, at Quantum Communications Technology, a company spun out of the university to commercialise the technology, the importance of the project is clear.

On the walls are framed photographs of visits from almost all of China's top leaders, including president Xi Jinping.

Follow this link:
China's quantum leap in cyber security war

Why Encryption Over The Internet Is Completely Useless - HotNoob
Encryption / Protocols such as SSL only serve to provide a false sense of security. In order for encryption to work, BOTH the receiver and sender MUST have t...

By: HotNoob

See the rest here:
Why Encryption Over The Internet Is Completely Useless - HotNoob - Video

Securing Broker Less Publish or Subscribe Systems Using Identity Based Encryption
Securing Broker Less Publish or Subscribe Systems Using Identity Based Encryption LeMeniz Infotech A Leading Software Concern Stepping in IEEE Projects 2014-...

By: LeMeniz Infotech

Continued here:
Securing Broker Less Publish or Subscribe Systems Using Identity Based Encryption - Video

Large numbers of websites and Internet services are disappearing behind encrypted connections, part of a growing visibility void in which organisations struggle to tell friendly traffic from foe, security firm Blue Coat has argued.

At first sight its an odd perspective because the use of encrypted HTTPS connections by services such as Google, Facebook and Twitter is normally seen as a good thing, which indeed it is. But tolerance of unmonitored traffic is now carving out a space for malevolent traffic to flourish, or so the argument goes.

The problem is that organisations can ignore encrypted traffic and risk letting in malevolent software which also increasingly uses encryption to hide command and control, or disallow it all, making it impossible for employees to visit legitimate sites.

Using figures from Blue Coats customers, 69 percent of traffic to the top 50 most popular websites is now encrypted by default, with Google, Facebook, YouTube, Yahoo and Baidu the top five in that order.

Only mass-market news sites such as ESPN, BBC News, CNN, or Pandora, leave encryption turned off for maximum compatibility. In the UK, the BBC is now the only non-encrypted site in the top ten.

Meanwhile, the growth of cloud services - big users of encryption - is adding to the probability that in time almost all corporate traffic would be invisible.

The tug of war between personal privacy and corporate security is leaving the door open for novel malware attacks involving SSL over corporate networks that put everyones data at risk, claimed Blue Coats chief security strategist, Hugh Thompson.

For corporations to secure customer data and meet regulatory and compliance requirements, they need the visibility to see the threats hiding in encrypted traffic and the granular control to make sure employee privacy is also maintained.

The firm also said that around one in ten of the security requests its researchers received in an average week was now regarding a suspicious website using encryption, equivalent to around 100,000 requests.

It is these dark or unknown sites that underline the need to monitor encrypted channels, he firm said, giving the example of the Dyre malware as only the latest example from a growing list using encrypted channels.

Read the original:
Spread of Internet encryption creating 'visibility void' claims Blue Coat

However, Prof Pan said eventually all communications in China, down to storing photographs on cloud servers, could feature quantum encryption.

"Ten years ago it was not so easy to get sufficient funding to support theoretical research, but since 2006 and 2007 when the economy really went well, they have been putting more money into research and then it really sped up," he said.

Half an hour's drive away from Prof Pan's office, at Quantum Communications Technology, a company spun out of the university to commercialise the technology, the importance of the project is clear. On the walls are framed photographs of visits from almost all of China's top leaders, including president Xi Jinping.

A huge video screen shows 56 terminals across the city that are already using quantum encryption. Currently, anyone wanting to send a secret message over the internet encrypts their communications so that only someone with the right code at the other end can unlock it.

But the US National Security Agency reportedly has computers powerful enough to crack encryption codes and is developing a quantum computer that will be able to run calculations so quickly that it can easily defeat encryption.

That means that, if it is able to tap fibre-optic cables and copy data travelling down the line, its hackers should be able to unlock the information.

Quantum encryption relies upon writing the encryption codes, or keys, upon single photons of light (a quantum particle). If a hacker tries to eavesdrop on the line, they will disturb the encoding of the photon and be detected. Consequently, said Prof Pan, it should provide perfect security.

"Of course, although quantum communication can in principle provide absolute security, in practice, we have to prove it thoroughly by various hacking tests. So we are inviting the finest hackers to attack our system," he said.

"The Chinese are really pushing the boundaries," said Raymond Laflamme, the head of the Institute for Quantum Computing at the University of Waterloo in Canada. "They are moving at an incredible rate. No one else around the world has plans that are this ambitious."

"China is putting itself in the position of having secure private information that other countries will not be able to tap," he added.

See the article here:
China builds computer network impenetrable to hackers

Four Alle-Kiski Valley police departments went off the public air waves Thursday as they tested radio transmissions that don't allow the public to listen in on police responding to everything from a simple traffic stop to a shooting.

In the past year, Upper Burrell police approached other police departments on the same radio frequency for police communications Arnold, Lower Burrell and New Kensington after they heard their own radio transmissions at crime scenes.

Technology has passed up law enforcement in the communications world, said Upper Burrell police Chief Ken Pate.

Officer safety is driving these police departments to keep their radio chatter private through encryption, a process that jumbles the messages to those listening outside of the police stations, including the public, fire companies and ambulances.

For decades, anyone who bought a police scanner could listen to police radio transmissions. But more people are now able to listen in on police calls via free computers apps that allow Internet-connected cellphones and laptops to hear emergency dispatching transmissions.

Pate was prompted to block public access to his police radio transmissions when he responded to a domestic violence call last year.

Pate said that when he went to interview the victim's mother and broadcast an alert to be on the lookout for the assailant I could hear my own voice echoing back from the kitchen.

Pate says such information allows criminals to potentially know police whereabouts during a crime.

Currently, there are no plans on how police will alert the public and the media about police actions in their towns.

Those with police scanners will not be able to listen in once the encryption program takes effect. It is still in the testing phase.

Read more from the original source:
Encryption will let A-K police communicate without ‘bad guys’ listening in

New GCHQ boss attacks Silicon Valley and encryption (03Nov14)
New head of criminal network GCHQ Robert Hannigan attacks the technology giants of Silicon Valley for not allowing a free for all to users data, for enabling...

By: liarpoliticians

Read more:
New GCHQ boss attacks Silicon Valley and encryption (03Nov14) - Video

The RSA Encryption Algorithm (1 of 2: Computing an Example)

By: Eddie Woo

Go here to see the original:
The RSA Encryption Algorithm (1 of 2: Computing an Example) - Video

Four Alle-Kiski Valley police departments went off the public air waves Thursday as they tested radio transmissions that don't allow the public to listen in on police responding to everything from a simple traffic stop to a shooting.

In the past year, Upper Burrell police approached other police departments on the same radio frequency for police communications Arnold, Lower Burrell and New Kensington after they heard their own radio transmissions at crime scenes.

Technology has passed up law enforcement in the communications world, said Upper Burrell police Chief Ken Pate.

Officer safety is driving these police departments to keep their radio chatter private through encryption, a process that jumbles the messages to those listening outside of the police stations, including the public, fire companies and ambulances.

For decades, anyone who bought a police scanner could listen to police radio transmissions. But more people are now able to listen in on police calls via free computers apps that allow Internet-connected cellphones and laptops to hear emergency dispatching transmissions.

Pate was prompted to block public access to his police radio transmissions when he responded to a domestic violence call last year.

Pate said that when he went to interview the victim's mother and broadcast an alert to be on the lookout for the assailant I could hear my own voice echoing back from the kitchen.

Pate says such information allows criminals to potentially know police whereabouts during a crime.

Currently, there are no plans on how police will alert the public and the media about police actions in their towns.

Those with police scanners will not be able to listen in once the encryption program takes effect. It is still in the testing phase.

Go here to see the original:
Encryption will let police communicate without ‘the bad guys’ listening in

14 hours ago by Nancy Owano

A team of researchers from UC Berkeley and University of Maryland believe they have come up with a previously unexplored design point, ShadowCrypt, that enables encrypted input/output without trusting any part of the web applications. That means they are suggesting a tool that can bring simple encrypted messaging to webmail and social networking sites. That means you could send and receive encrypted text on Facebook and Twitter. MIT Technology Review refers to it as a prototype browser extension, where the site operator or anyone intercepting the posting sees only a garbled string of letters and numbers. The researchers, in their paper, "ShadowCrypt: Encrypted Web Applications for Everyone," prepared for presentation at the ACM Conference on Computer and Communications Security, discussed the chokepoint in their design.

"This chokepoint encrypts data before the application code (including the client-side code) can access it. The application can only view an encrypted version of the data. This requires isolating the input and output fields while still providing the application access to the encrypted data. Choosing this chokepoint means that no application code is in the TCB. This leads to a system secure against attackers at the client-side as well as the server-side. It also gives the user complete control over the data. In contrast, previous proposals required trusting application developers to handle data in a privacy-preserving manner."

They implemented ShadowCrypt as a Google Chrome browser extension. The extension is available on the Chrome Store for anyone to try out; ShadowCrypt also has its own web site.

When you install the extension, said the team, you have a few keys set up by default. These are to see if everything is working correctly. "Encryption is great for small group collaboration," said the site. "You can share your encryption key to allow your collaborators to see what you've written." ShadowCrypt is developed and maintained by the WebBlaze team, called WebBlaze, from UC Berkeley and collaborators from University of Maryland. They are Warren He, Devdatta Akhawe, and Sumeet Jain, and Dawn Song from Berkeley, and Elaine Shi from the University of Maryland. The source code is on their GitHub repository.

This video is not supported by your browser at this time.

To put ShadowCrypt to work, explained Tom Simonite in MIT Technology Review, "you install the extension and then create encryption keys for each website you wish to use it with. A small padlock icon at the corner of every text box is the only indication that ShadowCrypt is hiding the garbled encrypted version that will be submitted when you hit the 'send' or 'post' button."

Discussing future work in their paper, the team said "We are currently working on supporting additional schemes that can work transparently," such as Format Preserving Encryption and Attribute-based Encryption. In the longer run, they said their aim is to support encryption schemes that rely on modifications to existing web applications to work, such as Searchable Encryption or Fully Homomorphic Encryption.

Explore further: MIT researchers develop Mylar a platform for building secure web applications

More information: http://www.technologyreview.com/news/ ages-on-any-website/

Here is the original post:
ShadowCrypt research project shows encryption approach