Spying Revelations Lead to German Encryption Boom

Revelations about the National Security Agency's electronic eavesdropping capabilities have sparked anger in Germany and a boom in encryption services that make it hard for the most sophisticated spies to read emails, listen to calls or comb through texts.

Jon Callas, co-founder of Silent Circle, which sells an encryption app allowing users to talk and text in private, said a series of disclosures from former intelligence contractor Edward Snowden last year have been a boon for business.

Silent Circle is one of a host of online security companies cashing in on swarms of new security-conscious customers around the world who want to shield their communications from foreign governments, and nowhere is the market hotter than in Germany, whose chancellor, Angela Merkel, was reported to be a target.

"Germans have always been particularly attuned to security and privacy concerns," Callas said. "I think that culturally, Germany has seen privacy problems in their recent past. There are people who remember the communists. There is still a cultural sore spot over security and privacy, an understanding of what can go wrong better than any other place in the world."

The companies' customers range from diplomats and journalists to privacy advocates and people trying to protect trade secrets.

"If you're a reporter, you can talk confidentially to a source. If you're a banker, you can talk to a client. If you're a business person, you can use it in places where spying is a cultural norm," Callas said.

Although Silent Circle doesn't provide specific numbers, Callas said it saw a "huge increase" in subscriptions to its private phone and text service after Snowden's disclosures and a spike in Germany after two reported cases of suspected U.S. spying there earlier this year.

And while the technology has Silicon Valley roots, the servers are in Canada and Switzerland, two countries with strong privacy protections. Two weeks ago, Silent Circle also began selling a secure smartphone, whose first run sold out, Callas said.

At CeBIT, a leading tech industry event held annually in the German city of Hannover, Deutsche Telekom was among several companies to launch new security products on the back of Snowden's revelations.

"I want to send a personal thanks to the NSA, because we wouldn't be having this discussion if that hadn't happened," Reinhard Clemens, a Deutsche Telekom board member, told reporters. "That was the best marketing campaign we've ever had."

Website Encryption To Affect Google Search Results

Google Inc. (NASDAQ:GOOGL) just gave a nod to more-secure websites. The Mountain View, California, company said that encrypted websites that use HTTPS will get a boost in its ranking algorithm in a bid to encourage developers to adopt technology that protects against hackers.

Initially, fewer than 1 percent of global queries will be affected, Google said, but plans are to boost that weighting over time. Google's algorithm rewards sites that have high-quality content with a higher ranking in its search results, so the company has the power to spur Web developers into action. Google said developers will be given time to make the shift to HTTPS.

"This is a huge deal," Christopher Soghoian, a principal technologist for the American Civil Liberties Union, told the Wall Street Journal. "This is the ultimate carrot for websites" to use encryption. The newspaper reported in April that Google executives were discussing taking encryption into account in Web rankings.

Encrypted data adds a barrier between Web users and anyone snooping or seeking to steal their personal information. Google has stepped up its efforts to help make the Internet more secure in the wake of disclosures about Internet snooping by the National Security Agency. Yahoo Inc. (NASDAQ:YHOO) said in November that it planned to encrypt its data center traffic.

"Over time, we may decide to strengthen it, because we'd like to encourage all website owners to switch from HTTP to HTTPS to keep everyone safe on the Web," Google said in a blog entry Wednesday.

Google plans to publish a series of best practices around adding more secure encryption to websites, including tips on what certificate type is needed, how to use relevant URLs for resources on the same secure domain and best practices for allowing site indexing.

If a website currently uses HTTPS encryption, administrators can test its security using Qualys SSL Labs' online tool, Google said, or they can contact Google's webmaster forum for further help.

Yahoo to begin offering PGP encryption support in Yahoo Mail service

Yahoo Chief Information Security Officer Alex Stamos announced today at Black Hat 2014 that starting in the fall of this year, the purple-hued company will begin giving users the option of seamlessly wrapping their e-mails in PGP encryption. According to Kashmir Hill at Forbes, the encryption capability will be offered through a modified version of the same End-to-End browser plug-in that Google uses for PGP in Gmail.

The announcement was tweeted by Yan Zhu, who has reportedly been hired by Yahoo to adapt End-to-End for use with Yahoo Mail. Zhu formerly worked as an engineer at the Electronic Frontier Foundation, an organization that has consistently been outspoken in its call for the widespread use of encryption throughout the Web and the Internet in general.

In an interview with the Wall Street Journal, Stamos acknowledged that the introduction of encryption will require some amount of education for users to make sure their privacy expectations are set appropriately. For example, he explained that PGP encryption won't cloak the destination of your e-mail. "We have to make it clear to people it is not [a] secret you're emailing your priest, but the content of what you're e-mailing him is secret," Stamos said.

Of course, nothing is stopping sufficiently motivated users from using PGP encryption with Yahoo Mail today. The problem is that without a plug-in like End-to-End, getting asymmetric key cryptography working in webmail (or in any e-mail client, for that matter) requires climbing a relatively steep learning curve. People wanting to communicate via encrypted e-mail have to be at least minimally familiar with how to exchange and manage public keys, how to keep their private keys properly secure, and how to actually encrypt and decrypt messages. Flattening that curve and turning encryption into a single-click process will go a long way toward increasing the number of people actively using encryption in e-mail.

The Wall Street Journal also brings up Lavabit, the encrypted e-mail provider that chose to go out of business last year rather than continue operating after giving the FBI the ability to decrypt its users' messages. In Lavabit's case, the government was able to compel the company to turn over its private SSL-TLS key, which could be used to view encrypted messages in flight between users' computers and the Lavabit servers. With PGP encryption implemented in a browser plug-in, though, messages are encrypted before they're transmitted, and the private keys cannot be disclosed by Yahoo because the company doesn't possess them.

Stamos' statement on the matter of what would happen if a government agency came calling is blunt. He characterizes Yahoo as "a multibillion-dollar company with an army of lawyers who would love to take this argument all the way to the Supreme Court."

Yahoo CISO: End-to-end Mail encryption by 2015

Summary: At Black Hat USA 2014, Yahoo's CISO announced in a presentation that consumers will be seeing end-to-end encryption in its Mail product by 2015.

Today at Black Hat USA 2014, Yahoo's CISO announced in a presentation that consumers will be seeing end-to-end encryption in its Mail product by 2015.

Announcing a new PGP plugin that piggybacks off of Google's PGP plugin, Alex Stamos told the audience at his talk "Building Safe Systems at Scale - Lessons from Six Months at Yahoo" that this project has been a priority since he joined Yahoo Inc. six months ago.

Recruited for the project is (now former) EFF staff technologist Yan Zhu.

In the Thursday talk, Stamos told attendees that Yahoo is using the end-to-end encryption plugin that Google released a few months ago, with the plan of having both Yahoo Mail and Gmail able to exchange encrypted mail between the services seamlessly and easily.

The move is a step in the right direction for security teams endeavoring to bring encryption to consumers, an effort that faces challenges around ease of use for the ordinary user.

Encryption has followed security's traditional quandary of easy versus secure. Basically, if anything [in tech] is easy to use, lots of people will use it -- but security and simplicity seldom go hand-in-hand.

Speaking to his Black Hat audience, Stamos directly referenced the 'post-Snowden era' of consumer privacy and security as the impetus for his push at Yahoo.

IEEE 2014-2015: Attribute Based Encryption with Privacy Preserving In Clouds – Video


Title: Attribute Based Encryption with Privacy Preserving In Clouds Domain: Cloud Computing Abstract: Security and privacy are very important issues in cloud...

By: InnovationAdsOfIndia

VPD System provides cloud key management security.

August 6, 2014 - Combining data encryption with split-key encryption and homomorphic key management technologies, Porticor Virtual Private Data System protects critical data in public, private, and hybrid cloud environments. By supporting Microsoft SQL Server Transparent Data Encryption, product secures Microsoft's database in cloud infrastructures. Software-defined key management solution eliminates risks of storing SQL Database Encryption Keys on database server, where they can be compromised or stolen.

Porticor, 10 Yirmiyahu St., Ramat Hasharon, Israel

Press release date: August 5, 2014

Porticor Virtual Private Data System Leverages Software-Defined Key Management to Eliminate Complexities and Risks Found in Traditional Hardware Encryption Security Modules

CAMPBELL, Calif. - Porticor, a leading cloud data security company delivering the only cloud-based data encryption and key management solution that infuses trust into the cloud and keeps cloud data confidential, today announced that it supports Microsoft SQL Server Transparent Data Encryption (TDE), securing Microsoft's database in cloud infrastructures with its Porticor Virtual Private Data (VPD).

Porticor's software-defined key management solution eliminates risks surrounding storing SQL Database Encryption Keys (DEK) on the database server, where they can be compromised or stolen. Porticor integrated with Microsoft's Transparent Data Encryption secures data through strong encryption, and also protects it from root access by administrators. The Porticor solution supports virtual systems, and private and public clouds.

Storing the data encryption keys in Porticor's key management service, Porticor's MS SQL Server plugin is a small installable package that can be added to a running SQL Server database with minimal configuration through normal SQL statements. The Porticor appliance is set up in minutes, and since it is a generic key management system it does not need to be configured to enable integration with a SQL Server. Uniquely, due to Homomorphic Key Management and Split Key Encryption technologies, the solution provides both secure key storage and secure key caching with no hardware needed, combining high security with top performance.

"Since SQL servers often hold an organization's most important information, they are a favorite target for attacks," said Gilad Parann-Nissany, Porticor founder and CEO. "Microsoft's Transparent Data Encryption feature encrypts the database, but in cloud computing the question of encryption key management comes into play. With Porticor, the DEKs are never stored on the SQL Server disk, are protected by a split key method, and remain under control of the customer, eliminating the chance of the keys getting stolen or hacked."

Microsoft created the Extensible Key Management (EKM) API to provide integration between the SQL Server and a Hardware Security Module (HSM) key management system or a software-defined key management solution, such as Porticor. EKM supports Transparent Data Encryption to protect SQL Server data. With Porticor's EKM integration, the DEK is encrypted by an asymmetric key that never leaves the key management system, and is itself protected through Homomorphic Split Key Encryption. When the database is started, it authenticates into the Porticor virtual appliance and retrieves the DEK. Since the DEK is never stored on the SQL Server's disk, if the disk is ever removed and discarded, its encrypted tables cannot be decrypted. In addition to wholesale database encryption, EKM and Porticor's advanced API enable fine granular encryption of specific tables, database rows, columns and records.

The Porticor Virtual Private Data system is the industry's only solution combining data encryption with patented split-key encryption and homomorphic key management technologies to protect critical data in public, private and hybrid cloud environments. Unlike traditional data encryption solutions, which are complicated and expensive to deploy and manage, Porticor's split-key encryption and homomorphic key management system is offered as the industry's first cloud data protection service of its kind, delivering true confidentiality of data in the cloud by ensuring customer encryption keys are not exposed.

While other solutions require encryption keys to be manually managed for every disk, distributed storage or database record, or to be owned by a cloud provider, Porticor's homomorphic split-key encryption technology eliminates both complexity and compromises. Porticor restores key ownership to customers while automatically managing customer encryption keys with maximum security. With homomorphic key management, the keys are protected at all times even while they are in use. Porticor protects the entire data layer stack, including virtual disks, distributed storage, databases, and applications. It dynamically encrypts and decrypts virtual data whenever the application needs access, and delivers a key management system that is fully hosted in the cloud, yet offers the confidentiality, security and trust of a system that is hosted inside the datacenter. Within minutes, customers can encrypt their entire data layer with the proven AES 256-bit encryption algorithm. For product release notes see https://pvkm.porticor.com/porticor-setup/release-notes.php.

About Porticor

Porticor is the leading cloud security company delivering easy-to-use and scalable security solutions for cloud data encryption and key management. The Porticor Virtual Private Data (VPD) system is the industry's first solution combining data encryption with patented split-key encryption and homomorphic key management to protect critical data in public, private and hybrid cloud environments. Using breakthrough split-key encryption and homomorphic key management, the Porticor VPD is the only system available that offers the ease-of-use of cloud-based key management without sacrificing trust. Porticor is an Amazon Web Services Technology Partner, a VMware Technology Alliance Partner, and an HP technology partner. The company is headquartered in Tel Aviv, Israel, with offices in Silicon Valley, and is venture backed. For more information, visit: http://www.porticor.com/.

Matias Secure Pro wireless keyboard review: A power tool for the paranoid

Matias Secure Pro wireless keyboard $170.00

This quiet, portable, wireless mechanical keyboard boasts an over-the-top security feature. Our reviewer didn't like the feel of its switches, though, and it's very expensive.

The wireless Matias Secure Pro keyboard's number-one claim to fame is its 128-bit AES encryption. I'll get into that later. My favorite feature is that it's quiet. You'd hardly know this was a mechanical keyboard from the sound it makes. It's close to the volume level of a typical membrane keyboard, if a little sharper or clickier at times. You could use this board in any office or in a bedroom without disturbing a soul.

Be that as it may, I'm not a huge fan of typing on it.

Far from the ergonomic relief I expect from a mechanical keyboard, the Matias switches inside the Secure Pro made my fingers exhausted. And that's saying something, considering I type on Cherry Blues on a daily basis. Those switches are known for their abnormally high resistance.

Activating a key on the Secure Pro reminds me of a rubber-dome keyboard. Significant resistance at the top begins to yield as you push past that initial hurdle, almost exactly like a membrane keyboard.

As a result, the Secure Pro scuttles most of the benefits of a mechanical keyboard. It's too easy to bottom-out its keys, which is bad for your fingers and wrists. This keyboard isn't pleasant to type on unless you prefer extremely high resistance. Even then, you'd probably be better served by a buckling-spring switch, which spreads resistance out over the path of the entire keystroke.

The Matias Secure Pro has two USB ports. You can use one to store its USB receiver while traveling, and the other can charge a USB device (but you'll need a supplemental power supply for the keyboard, which defeats its wireless feature).

I appreciated the muted click of the Secure Pro's keys, as that provided a bit of tactile feedback, but this isn't the sort of keyboard I'd pick up for my own day-to-day use. Keyboard preferences are a matter of highly individual taste, of course, so your perception could be very different.

More troubling is that I found myself constantly making typos with the Secure Pro. I don't know whether it's because the activation point is so high or because there's so much resistance, but I dropped letters from my words semi-constantly. The space bar was particularly temperamental.

Hands-on: miniLock’s powerful file encryption is dead simple to use

The creator of Cryptocat, Nadim Kobeissi, is back with another easy-to-use encryption tool. This time it's a Chrome app that aims to make it easy to create and share single encrypted files with others. Called miniLock, the app is freely available on the Chrome Web Store.

Similar to other encryption tools, miniLock relies on public key cryptography. Under this scheme you have to share your public key with others so they can encrypt files meant for you and only you. But unlike many encryption tools, which are often difficult to use, miniLock is very easy to understand and takes away a lot of the pain typically associated with encryption tools.

The public key itself, dubbed your miniLock ID, is relatively short at around 45 characters. That's long enough to easily fit in a tweet, as the miniLock site says. But it's still too long to easily remember, so you'll have to write it down or save it in a password manager like LastPass or KeePass.

For encryption, miniLock uses Curve25519 elliptic curve cryptography, which is the same cryptography used in Kobeissi's Cryptocat. The problem with encryption tools, however, often isn't the strength of their encryption but how well it's implemented.

On the miniLock site you can find a recent miniLock security audit by penetration testing firm Cure53. The report gives miniLock a clean bill of health stating that "MiniLock is a one-purpose app offering this one particular feature [encryption] and appears to be doing that as well as possible...The code is soundly and neatly written, well structured, minimal and therefore offers no sinks for direct exploitation."

That's just one report, however, and others will no doubt sink their teeth into miniLock and try to find exploits. Judging the quality of the cryptography is beyond the scope of this article. But as it's a new app, miniLock may not yet be the best choice for anyone encrypting documents in a high-stakes environment (political oppression, corporate secrecy). That said, it's definitely worth keeping tabs on to see what the security community has to say about miniLock in the future.

For anyone that wants to dive in right away, here's a quick hands-on with miniLock on a Windows 8.1 PC.

miniLock after a public key is generated.

To get started, visit the Chrome Web Store and install miniLock as you would any other Chrome app. Once it's installed you can either launch it right from the Chrome Web Store or the Chrome App Launcher in your taskbar, if you've installed that.

When it starts up, miniLock will ask you to sign in with your email address and a passphrase. These two pieces will be used to generate your miniLock ID, which should take only a second or two.
