Winter School on Cryptography Symmetric Encryption: Definitions, Modes and MACs - Kenny Paterson
The topic of the 4th Annual Bar-Ilan Winter School on Cryptography held in January 2014, was Symmetric Encryption in Theory and in Practice. The winter schoo...
By: barilanuniversity
The rest is here:
Winter School on Cryptography Symmetric Encryption: Definitions, Modes and MACs - Kenny Paterson - Video
Winter School on Cryptography Symmetric Encryption: Record layer security - Kenny Paterson
Record layer security notions and results, a lecture by Kenny Paterson. The topic of the 4th Annual Bar-Ilan Winter School on Cryptography held in January 2014, was Symmetric Encryption in...
By: barilanuniversity
Read more here:
Winter School on Cryptography Symmetric Encryption: Record layer security - Kenny Paterson - Video
Winter School: Authenticated encryption schemes and Misuse-resistance - Thomas Ristenpart
Authenticated encryption schemes and Misuse-resistance, a lecture by Thomas Ristenpart. The topic of the 4th Annual Bar-Ilan Winter School on Cryptography held in January 2014, was Symmetric...
By: barilanuniversity
Read the rest here:
Winter School: Authenticated encryption schemes and Misuse-resistance - Thomas Ristenpart - Video
Winter School on Cryptography Symmetric Encryption: Cryptanalysis of Hash Functions - Eli Biham
Cryptanalysis of Hash Functions, a lecture by Eli Biham. The topic of the 4th Annual Bar-Ilan Winter School on Cryptography held in January 2014, was Symmetric Encryption in Theory and in...
By: barilanuniversity
Originally posted here:
Winter School on Cryptography Symmetric Encryption: Cryptanalysis of Hash Functions - Eli Biham - Video
Winter School on Cryptography Symmetric Encryption: Differential Cryptanalysis - Eli Biham
Differential Cryptanalysis, a lecture by Eli Biham. The topic of the 4th Annual Bar-Ilan Winter School on Cryptography held in January 2014, was Symmetric Encryption in Theory and in Practice....
By: barilanuniversity
Continued here:
Winter School on Cryptography Symmetric Encryption: Differential Cryptanalysis - Eli Biham - Video
Winter School on Cryptography Symmetric Encryption: Generic Cryptanalytic Techniques - Orr Dunkelman
Generic Cryptanalytic Techniques, a lecture by Orr Dunkelman. The topic of the 4th Annual Bar-Ilan Winter School on Cryptography held in January 2014, was Symmetric Encryption in Theory and...
By: barilanuniversity
The rest is here:
Winter School on Cryptography Symmetric Encryption: Generic Cryptanalytic Techniques - Orr Dunkelman - Video
Encryption All server 0 60 Clean c#
By: hallaj hack
Here is the original post:
Encryption All server 0 60 Clean c# - Video
Microsoft released optional security updates Tuesday for various versions of the .NET Framework that prevent the RC4 encryption algorithm from being used in TLS (Transport Layer Security) connections.
The updates are only available through the Windows Update Catalog and the Microsoft Download Center, not Windows Update, and are part of Microsofts efforts that began in November to phase out the use of RC4 in TLS. They are in addition to the companys scheduled security patches for Windows, Internet Explorer and Office.
The Rivest Cipher 4 (RC4) was invented in 1987 by cryptographer Ronald Rivest and remained a popular encryption algorithm over the years despite cryptographic weaknesses being discovered by researchers.
Until last year, the use of RC4 as a preferred cipher in TLS was considered safe and actually recommended for a while after cipher-block chaining mode ciphers like AES-CBC were found to be vulnerable to attacks.
However, in March 2013, a team of researchers presentedfeasible attacks against RC4 as used in TLS; subsequent revelations about the U.S. National Security Agencys efforts to defeat encryption sparked concerns that breaking RC4 might be within its capabilities.
In November Microsoft released an update for Windows 7, Windows 8, Windows RT, Windows Server 2008 R2 and Windows Server 2012 that allowed system administrators to disable RC4 support using registry settings. The new optional updates released Tuesday do the same thing, but for the .NET Framework.
The use of RC4 in TLS could allow an attacker to perform man-in-the-middle attacks and recover plaintext from encrypted sessions, Microsoft said in >a security advisory Tuesday. A man-in-the-middle attack occurs when an attacker reroutes communication between two users through the attackers computer without the knowledge of the two communicating users. Each user in the communication unknowingly sends traffic to and receives traffic from the attacker, all the while thinking they are communicating only with the intended user.
While blocking RC4 is recommended, the company said that customers should plan and test the new settings prior to making this change in their environments.
TLS offers a choice of ciphers that server administrators can specify in their configurations, but versions 1.0 and 1.1 of the protocol support only CBC ciphers and RC4, all of which are now considered insecure.
The AES-GCM cipher is a safe alternative, but it is only available in TLS version 1.2 which has yet to see widespread deployment. A scan of the top 155,000 HTTPS websites performed this month by the SSL Pulse Project revealed that only around 35 percent of them supported TLS 1.2.
See more here:
Microsoft's .NET Framework security updates further effort to phase out RC4 encryption
Google Apps accounts can now get end-to-end encryption for messages.
Image: Mashable composite Google
By Christina Warren2014-05-15 11:51:04 UTC
Google on Thursday announced a new partnership that will bring full scale encryption to Google Apps.
Working with email data protection company Zix, Google has launched a new commercial product for Google Apps accounts dubbed Google Apps Message Encryption (GAME).
Although Google already supports secure, encrypted messages within its servers, email messages sent to other systems are not encrypted.
Organizations or users can use various workarounds to add PGP (public-key cryptography) to their messages, but those solutions are kludgy and not ideal for an organization with lots of users.
With GAME, Google and Zix are hoping to change that. GAME is available for $35 a year per user and allows Google Apps admins to configure encryption settings and routes from the Google Apps dashboard.
In a post-Snowden world, it's easy to think email encryption is primarily useful to keep prying eyes (such as the NSA) from intercepting messages. For regulated industries however, encrypted communications are an important part of doing business.
Many of Zix's customers are hospitals, banks and government organizations and its product for compliance with federal regulations such as HIPAA, Sarbanes-Oxley and PCI-DSSS.
Original post:
Google Apps Users Can Now Get End-to-End Email Encryption
10 hours ago May. 14, 2014 - 11:37 PM PDT
ADVA Optical Networking, based in southern Germany, has released a new 100G technology for metro network deployments generally, connecting data centers within a metropolitan area that includes built-in encryption on the network layer.
The advantage of this kind of Layer 1 encryption is that it doesnt slow down the data throughput much, but rivals such as Cisco are not yet supporting super-speedy 100Gbps data rates with such a product ADVA, with the new version of its FSP 3000 optical transport solution, is. In short, this new multiplexer may hold appeal for enterprises and even telcos that want to be able to securely handle lots of data at high speed.
ADVAs 100G Metro tech is protocol-agnostic, so it can handle Ethernet, fiber, Infiniband and so on. Its line-side encryption is based on the Advanced Encryption Standard (AES) and uses 256-bit keys, with over 60 key exchanges an hour. As it encrypts not only the payload but also headers and checksums - nothing unencrypted for spooks and hackers to intercept its really for point-to-point setups and youd need an ADVA box on either end of the connection.
Whats impressive is that adding this encryption to standard 100G Metro products adds under 150 nanoseconds in latency, which isnt a lot. Handily for carriers, its also possible to separate the management of the network and encryption, which should make it easier to service enterprises that want to manage their own encryption over a leased service.
According to Uli Schlegel, ADVAs director of data center business development, the competition is at least a year behind on all this. Whether or not that bears out, its certainly interesting to see vendors baking encryption into modern, capacious networks in a way that doesnt overly affect throughput. Maybe big data and security can play nice after all.
Heres a slightly trippy ADVA video on the subject:
Subscriber Content
Subscriber content comes from Gigaom Research, bridging the gap between breaking news and long-tail research. Visit any of our reports to learn more and subscribe.
Visit link:
Aiming for secure big data, ADVA puts line-side encryption into its 100G networking gear