Much like tribbles in Star Trek, symmetric encryption is everywhere. Well explore symmetric key algorithms and take you to places no non-IT person has gone before

Symmetric encryption algorithms are the underlying processes that make secure communications possible. If you were to put it into Star Trek-related terms, symmetric algorithms are the warp drive for your starships propulsion system. Theyre integral to information security and are what help your business move forward with data encryption securely and at faster-than-light speeds.

(Yes, I know, Im really flying my nerd flag high today. While fascinating, symmetric key algorithms arent exactly light or easy reading so Ive got to have some fun when writing. Damn it, Jim, Im a cybersecurity writer, not a cryptographer.)

Make sure to refresh your coffee (or earl grey tea, if thats more your speed). Were about to take a deep dive into exploring what symmetric encryption algorithms are, why theyre important, and what the most common symmetric encryption algorithm types are.

Make it so.

Lets hash it out.

Symmetric algorithms are the cryptographic functions that are central to symmetric key encryption. Theyre a set of instructions or steps that computers follow to perform specific tasks relating to encrypting and decrypting data.

Feel like you need a universal translator? Okay, lets break this down a bit more.

Symmetric encryption algorithms are used (combined with an encryption key) to do two main things:

Symmetric encryption algorithms use the same encryption key for both encryption and decryption. (Unlike asymmetric encryption algorithms, which use two different keys.)

Encryption algorithms, in general, are based in mathematics and can range from very simple to very complex processes depending on their design. In the case of symmetric encryption algorithms, theyre paired with a single key to convert readable (plaintext) data into unintelligible gibberish (ciphertext). They then use the same key to then decrypt the ciphertext back into plaintext. And all of this is done in a way that ensures data confidentiality and privacy. Pretty cool, huh?

Symmetric encryption algorithms are actually known by a few different names:

In general, the purpose or goal of encryption is to make it so that only someone with the key can decrypt and read the secret message. In case you need a quick reminder of how symmetric encryption works, heres a quick overview:

In this graphic above, moving from left to right, youll see that you start with the plaintext, readable data. Once the symmetric encryption algorithm and key are applied to that data, it becomes unreadable ciphertext. The way to decrypt that message to decipher its meaning is to use a decryption key. In the case of symmetric encryption, the decryption key is identical to the key that was used to encrypt the data. Basically, you use the same key twice.

In a nutshell, a symmetric algorithm is a set of instructions in cryptography that use one key to encrypt and decrypt data. These encryption algorithms and keys are lightweight in the sense that theyre designed for speed in processing large blocks or streams of data. (This is why symmetric encryption algorithms are known as bulk ciphers.)

Asymmetric key algorithms and keys, on the other hand, are resource eaters. The keys are massive and are expensive to use at scale. What I mean is that they suck up a lot of your CPU processing resources and time, battery power, and bandwidth to execute.

Remember how we described symmetric algorithms as being a key component of your warp drive? Lets continue with that analogy. So, if you were to think about what asymmetric encryption algorithms are, theyd be like the equivalent of the thrusters in the propulsion system. Sure, theyll get you there eventually, but theyre not suitable for rapid encryption at scale.

However, theyre great for encrypting smaller batches of data in public channels. And asymmetric key exchanges (which well talk more about shortly) are a great way to distribute keys in those insecure public channels.

This is why people often turn to symmetric encryption for encoding large amounts of data.

As youll soon discover, not all symmetric algorithms are created equally. They vary in terms of strength but what exactly is does strength mean in cryptography? The short answer is that cryptographic strength is all about how hard it is for a hacker to break the encryption to gain access to the data. The longer answer, of course, may vary depending on the type of algorithm you evaluate. But, in general, cryptographic strength typically boils down to a few key traits:

Symmetric encryption can be a bit of a balancing act because you need algorithms and keys that are computationally hard yet practical enough to use with acceptable performance.

While symmetric encryption algorithms might sound like the most logical tools for all types of online data encryption, its not quite that simple. Much like the ever-logical Spock and the charismatic Captain Kirk, symmetric encryption also has weaknesses especially when used on their own in public channels. These weaknesses come in the form of key distribution and key management issues:

When using symmetric encryption, ideally, you and the person youre communicating with sort out your secret key ahead of time (prior to using it for any data exchanges). This means that in order to share a symmetric key securely with someone, youd need to meet up with them in person to give it to them. But what if youre across the country from the other party? Or, worse, what if youre on the other side of the world from them?

While this wouldnt be an issue in the Star Trek universe, where you could simply transport from one place to another within seconds, this isnt feasible in our 21st century transporterless world. Here, people are exchanging information with web servers worldwide every moment of every day. This means that people cant meet up ahead of time to hand out or receive keys. So, we have to rely on other means to securely exchange keys with other parties.

This is where asymmetric algorithms or, more specifically, key exchange protocols come into play. Asymmetric key exchanges make it possible to exchange symmetric keys in otherwise insecure public channels. What you may or may not realize is that youre actually using this combination of symmetric and asymmetric encryption techniques right now.

Lets consider your connection to our website as an example. See that padlock icon in your browser? It means youre connected to a secure website.

So, when you initially connected to TheSSLstore.com, your browser had to perform a process with our server thats known as a TLS handshake. This handshake is a way for the server to prove to your browser that its legitimate and isnt an imposter. (You know, cause cybercriminals love to pretend to be other people to trick people in connecting with them. Theyre kind of like Romulans in that way always engaging in subterfuge.) The handshake process uses asymmetric encryption and asymmetric key exchange processes to do this.

Of course, there are a few versions of the handshake TLS 1.0, TLS 1.2, TLS 1.3 and there specific differences in how they work. (For example, the Internet Engineering Task Force [IETF] pushes for the strict use of forward-secrecy-only ciphers in TLS 1.3 but thats a topic for another time.) Just know that only the TLS 1.2 handshake should be the minimum used. As of October 2020, Qualys SSL Labs reports that 99% of sites support the TLS 1.2 protocol and 39.8% support the TLS 1.3 protocol.

We wont get into the specifics of how the TLS handshake works here, but know that it involves the use of cipher suites. These groups of ciphers are what help to make it possible to establish a secure, HTTPS connection by determining which of each of the following to use:

You can read more about the process in this explainer blog on how the TLS handshake works. But for now, lets stay with the topic at hand of symmetric encryption algorithms.

During the symmetric encryption that takes place when you connect securely to a website, youre using a bulk cipher to make that happen. There are two subcategories of bulk ciphers: block ciphers and stream ciphers.

In this type of cipher, plaintext data breaks down into fixed-length groups of bits known as blocks (which are typically connected via a process known as chaining). Each block then gets encrypted as a unit, which makes this process a bit slow. And if theres not enough data to completely fill a block, padding (typically an agreed upon number of 0s) is then used to ensure that the blocks meet the fixed-length requirements.

The ideal block cipher has a massive key length that isnt practical, so many modern ciphers have to scale back key sizes to make them usable. But just as a quick note: Unlike with asymmetric encryption, symmetric encryption key sizes dont determine the size of the data blocks.

The majority of modern symmetric encryption algorithms fall within the block cipher camp, and these types of ciphers have broader usage and application opportunities. So, were mainly going to focus on them here. But if youre wondering what the most popular or common stream ciphers are, dont worry, weve got you covered.

With this type of cipher, it encrypts plaintext data one bit at a time. As such, data gets processed in a stream rather than in chunks like in block ciphers. This makes the process less resource-intensive and faster to achieve.

Now, were not going to get into all of the specifics of block ciphers and stream ciphers thats a whole other topic for another time. Just be sure to keep an eye out in the coming weeks for a separate article that breaks down block ciphers and stream ciphers.

Okay, now this is where things start to get exciting (or more complicated, depending on your perspective). With shared key encryption, there are several well-known symmetric key algorithms to know. Lets break them all down to understand what they are and how they work.

For this section, weve put together a symmetric algorithm list that will help us navigate the most common symmetric ciphers. Well start with one of the oldest and work our way up to the latest and greatest meaning, the algorithm that we typically use today for modern symmetric encryption.

First up on our list is the data encryption standard. DES, also known as DEA (short for data encryption algorithm), is one of the earliest symmetric encryption algorithms thats since been deprecated. Its based on the Feistel Cipher (much like many other varieties of block ciphers) and was actually deemed one of the first symmetric algorithms to be adopted as a Federal Information Processing Standard (FIPS) in 1976.

DES dates back to the early 1970s when its original form (Lucifer) was developed by IBM cryptographer Horst Feistel. IBM reports that the encryption method was originally created at the behest of Lloyds Bank of the United Kingdom. The National Bureau of Standards (now known as the National Institute of Standards, or NIST for short) ended up seeking proposals for a commercial application for encryption, and IBM submitted a variation of it. It was even desired for use by the National Security Agency (NSA) to protect their data.

This type of symmetric encryption maps inputs of a specific length to outputs of a specific length. As such, it operates on 64-bit blocks meaning that it could encrypt data in groups of up to 64 blocks simultaneously and has a key size of 56 bits. There are also 8 additional parity bits to the key, which serve as a way to check for data transmission errors. However, its important to note that parity bits arent something youd ever use for encryption.

This size key is actually very small by todays standards, which makes it highly susceptible to brute force attacks. Also, the key and block lengths differ from the original Lucifer key and block lengths, both of which were reduced from 128 bits.

To learn more about how DES encryption and Feistel Networks work, check out this great video from Coursera and Stanford University.

The Data Encryption Standard (DES) document (FIPS PUB 46-3) was officially withdrawn on May 19, 2005, along with the documents FIPS 74 and FIPS 81. The National institute of Standards and Technologys Secretary of Commerce published the following in the Federal Register:

These FIPS are withdrawn because FIPS 46-3, DES, no longer provides the security that is needed to protect Federal government information. FIPS 74 and 81 are associated standards that provide for the implementation and operation of the DES.

DES encryption was succeeded by triple data encryption algorithm (TDEA) for some applications, although not all. However, DES was primarily superseded as a recommendation by the advanced encryption standard, or whats known as AES encryption, in 2000. This is what we most commonly use today for symmetric encryption.

Now, lets explore those two other types of symmetric encryption algorithms.

The triple data encryption algorithm, which was created in the late 1990s, is a bit tricky as it actually goes by several abbreviations: TDEA, TDES, and 3DES. But as you can probably guess from its name, 3DES is based on the concept of DES but with a twist.

Unlike its predecessor, TDEA uses multiple separate keys to encrypt data one variation of TDEA uses two keys and the other variation uses three keys (hence the triple in its name). The stronger of the two is the one that uses three keys.

Heres an illustration of how the three-key TDEA process works:

The use of multiple keys makes processing data slow and increases the computational overhead, which is why organizations often skipped over 3DES and moved straight on to using AES.

TDEA operates using a decent 168-bit key size. However, like DES, 3DES also operates on small 64-bit blocks. Its small block size made it susceptible to the sweet32 vulnerability (CVE-2016-2183 and CVE-2016-6329), or whats known as the sweet32 birthday attack. This exploit takes advantage of a vulnerability that enables unintended parties to access portions of DES/TDEA-encrypted data.

The TDEA symmetric key encryption algorithm is set to deprecate in terms of being useful for cryptographic protection in 2023. However, in the meantime, NIST SP 800-76 Rev. 2 specifies that 3DES can be used by federal government organizations to protect sensitive unclassified data so long as its used within the context of a total security program. Such a program would include:

AES is the most common type of symmetric encryption algorithm that we use today. In fact, even the NSA uses AES encryption to help secure its sensitive data.

AES is a variant of the Rijndael family of symmetric encryption algorithms. Unlike its DES or TDEA counterparts, its based on a substitution-permutation network. So, it uses this as its foundation in lieu of the Feistel cipher. Youll find the advanced encryption standard in use for everything from SSL/TLS encryption to wireless and processor security. Its fast, secure, and doesnt noticeably increase your processing overhead (at least, when you use the right key).

AES operates on block sizes of 128 bits, regardless of the key size used, and performs encryption operations in multiple rounds.

Theres a total of four AES encryption sub-processes:

The rounds, which are performed on the plaintext data, uses substitutions from a lookup table. So, one of the rounds looks akin to this:

AES, which became the new FIPS-approved encryption standard after replacing DES and superseding 3DES, has a maximum key size of up to 256 bits. This is about 4.5 times larger than a DES key. Any larger, and it wouldnt be practical for at-scale applications. Now, the size of the key determines how many rounds of operations will execute for example, a 128-bit key will have 10 rounds, whereas a 256-bit key will have 14.

Of course, AES encryption is incredibly strong. So, any attempts to crack AES via brute force using modern computer technology is futile, as a certain collective of cybernetic individuals love to say. Even Lt. Commander Data would likely struggle with such a computational effort. I say that because even quantum computers arent expected to have as big of an effect on symmetric encryption algorithm as it will on, say, modern asymmetric encryption methods. (Symmetric encryption methods would require larger keys to be quantum resistant, whereas public key methods will no longer be secure period.)

For a more in depth look at the advanced encryption standard, be sure to check out our other article on the topic. There, youll get a highly technical look at how AES works.

There are plenty of other types of symmetric encryption algorithms that are useful for different purposes and cryptographic functions. Just to give you a quick taste, the list of some of these algorithms include:

Of course, there are other ciphers, too but were not going to include them all here. But this at least gives you some examples of whats out there as far as AES algorithms are concerned.

Symmetric encryption algorithms, when used on their own, are best suited for encrypting data at rest or in non-public channels. I say that because theyre often found protecting at-rest data in various situations, including databases, online services, and banking-related transactions. (The latter is because the Payment Card Industry Data Security Standards, or PCI DSS for short, requires it.)

However, those arent the only places theyre useful. Oh, no youll also find symmetric algorithms in use across the internet. When you use them in conjunction with asymmetric encryption for key exchange such as when you connect to a secure website then symmetric encryption comes into play with services such as:

Didnt feel like diving into all of the technical mumbo-jumbo? (Or didnt feel like reading through my nerdy Star Trek comparisons of symmetric encryption algorithms?) No worries. Here are a few of the main takeaways from this article on symmetric key algorithms:

Be sure to stay tuned for our next chapter in this blog series on symmetric encryption in the coming weeks. And until next time live long and proper.

Originally posted here:
Symmetric Encryption Algorithms: Live Long & Encrypt - Hashed Out by The SSL Store - Hashed Out by The SSL Store

For the past year and a half, Google has been rolling out its next-generation messaging to Android users to replace the old, clunky, and insecure SMS text messaging. Now the company says that rollout is complete, and plans to bring end-to-end encryption to Android messages next year.

Googles Rich Communications Services is Androids answer to Apples iMessage, and brings typing indicators, read receipts, and youd expect from most messaging apps these days.

In a blog post Thursday, Google said it plans to roll out end-to-end encryption starting with one-on-one conversations leaving open the possibility of end-to-end encrypted group chats. Itll become available to beta testers, who can sign up here, beginning later in November and continue into the new year.

End-to-end encryption prevents anyone even Google from reading messages as they travel between sender and the recipient.

Google dipped its toes into the end-to-end encrypted messaging space in 2016 with the launch of Allo, an app that immediately drew criticism from security experts for not enabling the security feature by default. Two years later, Google killed off the project altogether.

This time around, Google learned its lesson. Android messages will default to end-to-end encryption once the feature becomes available, and wont revert back to SMS unless the users in the conversation loses or disables RCS.

Read the original post:
Google plans to test end-to-end encryption in Android messages - TechCrunch

Leading French independent health insurer Alan has teamed up with data security company Tanker to bring end-to-end encryption to its telehealth chat platform. The service is the first telehealth chat platform available to the general public that is end-to-end encrypted.

WHY IT MATTERS

The Alan app links users with associated doctors through a messaging service or video-consultations, which enable users to access quality medical care quickly while the platform handles all reimbursements.

HIMSS20 Digital

Through the partnership with Tanker, Alan is ensuring its digital healthcare has the same dedication to doctor-patient confidentiality as in-person healthcare. Utilising technology previously reserved for messaging apps such as WhatsApp and iMessage or restricted to certain operating systems as with Apple Health, the data shared through the chat service is encrypted so it is only accessible to the user and the medical team.

This gives Alans 115,000 users total control over their personal medical data.

Dr Pierre-Auguste Beaucot, a general practitioner with Alan, praised the innovation: Complete observance of doctor-patient confidentiality and ensuring the maximum level of security for patients who use our telehealth platform is primordial. With client-side encryption, only doctors can access the content of medical conversations. The contrary would have been unthinkable.

THE LARGER TREND

France has seen a major increase in the usage of teleconsultations as a result of the pandemic, going from 35,000 visits during the month of February 2020 to an average of 400,000 teleconsultations a week since April 2020.

As the pandemic has pushed telehealth into the mainstream, security and privacy have been a top priority, particularly as these services become integrated into the norm of healthcare post-pandemic. Recently, Singapore-based start-up Doctor Anywhere launched end-to-end encrypted mental health video-consultations to provide enhanced privacy for a stigmatised sector of healthcare.

ON THE RECORD

Charles Gorintin, Alan's co-founder and CTO, commented: The protection of privacy is a concern for all users of internet services. It is even more so in the case of healthcare. Alan is investing in technology so that everyone can benefit from the very best care with complete peace of mind.

Clment Ravouna, co-founder and CEO of Tanker, added: Without doctor-patient confidentiality, there would be no digitisation of healthcare. Alan's vision will hugely simplify our relationship with healthcare in the years to come. We are proud to go forward with them and provide them with the infrastructure they need to make their platform secure.

See the original post:
Alan partners with Tanker for end-to-end encrypted medical chat - Mobihealth News

Google has finally announced that end-to-end encryption (E2EE) will begin rolling out on its Messages platform, bringing it in line with rivals WhatsApp and iMessage in the security stakes.

Messages by Google is built on the open Rich Communication Services (RCS) standard to offer improvements over legacy SMS such as anti-spam, launching of video calls direct from conversations, Smart Reply and more.

Google announced late last Friday that it had completed its global rollout of the platform for all Android users.

However, until now the missing piece in the puzzle was security, with both Facebook (WhatsApp) and Apple offering E2EE to maximize privacy for their users.

Google now joins its rivals with these capabilities, starting with one-to-one conversations and only when both users are on Messages.

End-to-end encryption ensures that no one, including Google and third parties, can read the content of your messages as they travel between your phone and the phone of the person youre messaging, explained product lead, Drew Rowney. This will roll out to beta testers beginning this month and continue into next year.

However, while the new functionality is likely to be a hit with consumers and business users, it will put Google on a collision path with legislators and law enforcers in the US.

Over recent years, high-profile figures have tried to pressure tech giants like Apple into engineering bespoke backdoors into their products so that investigators can unlock phones and read the encrypted messages of suspects.

They argue that E2EE otherwise offers a safe haven for terrorists, child abusers and other criminal elements disregarding the fact that if Apple et al were to accede to their wishes, these individuals would surely migrate to other platforms.

Now Google will have to stand up for its users and argue that backdoors cannot be engineered for law enforcement without undermining security for all a point repeatedly batted away by lawmakers.

In its most recent missive last month, the Five Eyes intelligence community plus India and Japan repeated its demands, and arguedthat the tech community just isnt trying hard enough to find a way forward.

Read more from the original source:
Google Messages Set to Roll Out End-to-End Encryption - Infosecurity Magazine

Protesters march during a rally against government and President Lukashenko in Minsk, Belarus, 25 October 2020. According to reports, over 100,000 opposition activists took to the streets against Belarusian government and President Alexander Lukashenko calling him to step down and demanding new presidential elections. EFE/EPA/STR

In the presidential elections held in August in Belarus, Alexander Lukashenko was re-elected with 80% of the votes, yet only a few believed the official account. This disparity between reality and the state claims instigated record numbers of people to pour into streets and demand repeated elections. The regime answered with a brutal crackdown on protesters and internet shutdowns to limit accessing and sharing information. But Belarusians found a way to communicate through an encrypted messaging service called Telegram, which played a vital role in organizing protesters and disseminating information horizontally without any formalized leadership. Encryption remains a central tool for bypassing state surveillance, especially in countries with repressive governments, but it does not come without lingering safety and security concerns.

When Belarusians called for transparent elections, they were met with extreme police violence and detentions, photos of which filled the media and caused international outrage. A parallel battle was happening in the digital realm through the blocking of independent media and opposition websites and intermittent internet blackouts. These restrictions aimed to cause a chilling effect on popular mobilisation and prevent the publishing of information and evidence about police abuse. Lukashenko blamed foreign interference for the internet shutdowns but experts pointed to the government that controls the state-owned Internet provider Beltelecom. NetBlocks reported that internet access in Belarus has been disrupted for several days, creating an information vacuum preventing citizens from establishing contact with each other and with the outside world. On the night of the elections results, the government shut down social networks, blocked VPNs, while encrypted traffic was also blocked on certain websites and two election platforms so that people could not observe news about possible violations. Later that day, the whole mobile internet was shut down and most of the media outlets were unavailable. None of the usual messaging services worked without additional tools to bypass the censorship. Viber, WhatsApp, and Messenger were inaccessible.

Belarusian authorities used a DPI method for blocking internet access, but also monitored real-time communications, examined unencrypted content, and implemented targeted blockings and shutdowns, enabling both invasive privacy breaches and mass censorship. Similar technology has been documented in other countries, notably China and Russia, where it has been reviewed as a tool for implementing the Sovereign Internet Law. It seems like government manipulation of the internet will remain a constant feature in the future.

Multiple crackdowns have brought to the spotlight the rights to freedom of peaceful assembly and of association in the digital space. According to a UN special rapporteur threats to digital expression and internet freedom are more pronounced than ever [] and internet shutdowns have emerged as a popular means of information control. This issue has been lately growing in importance as the restrictions amid the COVID-19 pandemic have made the shutdowns of online civic space ever more consequential for exercising civil and political rights. The Belarusian case of coping with state interference through encrypted messaging service can be instrumental for understanding similar scenarios across the globe.

In the post-Soviet country with a booming IT sector adding 6.4% GDP, harnessing the potential of the tech platforms has been central to the oppositions success. YouTube popularized Siarhei Tsikhanouski and subsequently his wife, who ran as the lead candidate against Lukashenko. Again, when social media platforms became mostly unavailable, protesters turned to Telegram. The anti-censorship tools used by Telegram through robust encryption allowed Belarusian citizens to continue connecting via the app and access its channels to share messages, warn protesters of police movements, and guide demonstrators to certain neighborhoods.

The diffuse coordination made it more difficult for the security services to repress the protesters. As a journalist summed up: This is the Telegram revolution. Its not the opposition, not the political parties. Everything is made by bloggers, influencers, and these Telegram channels. Lukashenko himself acknowledged Telegrams importance when announcing that all the various Telegram channels that control crowds in Minsk will go away. The protests show how critical encryption is to protect citizens human rights and safety. It also offers a model to be copied by activists in many other countries looking to evade government control. Similar channels have been used by popular movements in Catalonia and Hong Kong, proving that even though the context might be different, similar tactics can still be adopted.

Evidently, there are two sides to the liberating power of encryption. A key argument is that as much as it can be a tool for greater democracy, it can also foster illegal activities. Thinking of the democratic cause only, where the biggest Telegram channels are followed by millions of users, questions arise around self-organization, misinformation risks, and security threats to users. In a climate where traditional media cannot be trusted and oppositional media has been disabled, the platforms take on an unprecedented power over information. The biggest channel fuelling Belarusian protests is Nexta, with more than 2 million subscribers in a country of about 9.4 million people. Operating fast and without an editorial team, they do not have the time and the capacity to fact-check information. Misinformation can lead to higher risk-taking, such as when protesters wrongly heard that security forces joined them and approached the police chanting five cities have laid down their shields. They were later dragged into police vans and may have been among the thousands of detained Belarusians who faced torture and beatings.

Roman Protasevich, the chief editor of Nexta, offered a rare glimpse into the channels operational mindset when interviewed by the BBC: Do I feel responsible for what we publish? Only in terms of whether it will bring people closer to victory and the end of the dictatorship. Undoubtedly, a small team of six that works out of a community centre in Warsaw is short of resources to cross-check each piece of information when there are hundreds of items on the Telegram channel. But these and similar channels remain oblivious to alerting their followers that the information they publish has not been verified.

As the governments become increasingly repressive and tech-savvy in suppressing dissent, the popularity of encrypted platforms for news gathering and dissemination is here to stay. Encrypted communications fall beyond the reach of regulation, making them a strong alternative source. They will remain a key enabler of civic rights in undemocratic societies where the media is tightly controlled by the authorities. But with information power concentrated into the hands of a few, an additional layer of scrutiny should be placed on how they operate and whether or not they act responsibly towards citizens.

Nexta founder Stsyapan Putsila downplays their role saying that they do not force anyone to protest: We tell people that they can go out, defend their rights. Belarusians come out on their own. But he also added that Now we not only inform, but to some extent also coordinate people. For Nexta, the trade-off is worth the end goal of achieving democracy, and many of their followers would agree. But in the country hungry for uncensored information, this reluctance to take on a greater responsibility despite growing stakes creates additional risks for the protesters.

Excerpt from:
Did they crack the code? The importance of encryption for protest movements - OpenGlobalRights

The EU would like you to know that it doesnt want to ban encryption. In fact, it correctly recognizes that encryption is absolutely essential for our privacy and financial safety on the internet. Thats why a draft resolution due to be tabled in front of EU leaders at a pivotal summit later this month spends paragraphs extolling the virtues of online encryption, before setting out the EUs complaint: they would really like to be able to read encrypted messages. And they want technology companies to do something about it.

On the surface, the EUs argument might seem quite reasonable: most of us would generally believe that with warrants or similar safeguards, authorities should be able to read the messages of serious criminals or terrorists. This is an argument successive British governments have also been fond of making.

The problem is that once you scratch below the surface, legislators are essentially proudly proclaiming themselves to be pro-cake and pro-eating it.

Online security is quite different from offline security, in that our communications are ultimately protected by encryption, which boils down to complex mathematics. Encryption uses calculations which are easy to perform one-way round but almost impossible to reverse the mathematical equivalent of scrambling an egg which means tech companies can make our messages all but impossible to decipher as they traverse the internets network of cables and servers.

In fact, thanks to encryption, the creators of most modern messaging apps cant read their users messages even if they wanted to. This is crucial for our security and privacy: messages arent secure if someone who works for a tech company (or a criminal or spy posing as them) can access them. And it means that when governments or police forces ask tech companies to hand over data, they cant they never had it in the first place.

But this is giving governments which in the internet era have become accustomed to being able to drown themselves in terabyte after terabyte of bulk data something of a headache. In response, they have begun urging, or threatening to compel, tech companies to create some means of circumventing their sophisticated encryption for selected users, so that they can hand over their data.

This is, essentially, the online equivalent of getting someone to leave the back door open so you dont have to use the locked, barred and reinforced front door. And just like an open back door in real life, in practice that means youre leaving the door open to everyone.

If tech giants create vulnerabilities so it is easier to access user data, the same methods will also be used by criminals and foreign governments. In the online world, it is simply not possible to selectively weaken security just for the good guys.

The EUs latest resolution tackles this thorny problem by insisting that they are big supporters of encryptionandthat they understand the risks of backdoors, and so would not ask tech giants to insert them into their messaging apps.

Instead, they ask tech companies, researchers, academics and others to look for some other way of allowing them to access messages essentially deciding that a back door by any other name will somehow magically work differently.

We should be relieved that the latest EU proposal is so laughably vague, but it is symbolic of the dead-end in which governments across the world have got to when it comes to regulating the internet a task we all agree, to different extents, is necessary, but one for which most governments seem woefully ill-equipped.

***Get a digital subscription toThe Spectator.Try a month free, then just $3.99 a month***

If the EU is interested in tracking and monitoring criminals, there are already other technical methods available for example, through phone manufacturers themselves (though backdoors here could, again, cause unintended consequences). It could also spend more on human intelligence, which is traditionally far more effective, and has been starved of resources in the internet era.

Instead, the EU joins an array of other governments and bodies straddling between menace and comical ineffectiveness. By railing against encryption, they undermine public trust in a technology that is vital to our online privacy and security.

And by having nothing more than a plea to the heavens for some magical fix to their problem, the EU are instead making themselves look comically unprepared for the task of regulating the internet era of capitalism. We are two decades into the digital age, and our politicians are still decidedly analog.

This article was originally published on The Spectators UK website.

Go here to read the rest:
The EU's muddled approach to encryption - The Spectator US

This new research report compilation added as an assessment overview of the global AES Encryption Software market is directed to unravel crucial details about market developments, encompassing various factors such as market trends, lingering barrier implications as well as dominant drivers that effectively carve a favorable growth route for global AES Encryption Software market progression and growth. The report specifically underpins superlative reader comprehension about multiple market developments by gauging into regional growth spots.

Access the PDF sample of the AES Encryption Software Market report @ https://www.orbisresearch.com/contacts/request-sample/2876781?utm_source=Atish

Key Players Mentioned in the Report:

DellEsetGemaltoIBMMcafeeMicrosoftPkwareSophosSymantecThales E-SecurityTrend MicroCryptomathicStormshield

A keen observation and evaluation of the AES Encryption Software market developments based on qualitative and quantitative research practices have been meticulously compiled to understand dynamics such as drivers, restraints, challenges and threats that closely influence holistic growth in global AES Encryption Software market.

Make an enquiry of AES Encryption Software Market report @ https://www.orbisresearch.com/contacts/enquiry-before-buying/2876781?utm_source=Atish

Some of the most crucial market relevant information drawn in the report is aimed at equipping market players with a crisp overview of fast transitioning vendor landscape. The report is also designed to influence lucrative decision making amongst prominent players in terms of their investment discretion towards most appropriate investment decisions pertaining to dynamic product and pricing mix to initiate user acceptance. A close review of the sub-segmentation has also been tagged in the report, aimed at unveiling novel growth opportunities, offsetting market saturation. Minute classification of the growth hubs, encompassing details on global and local developments alike to entice critical decision making.

Types Covered in Report:(On-premises, Cloud, , , )

Application Covered in Report:(Disk Encryption, File/folder Encryption, Database Encryption, Communication Encryption, Cloud Encryption)

Browse the complete AES Encryption Software Market report @ https://www.orbisresearch.com/reports/index/global-aes-encryption-software-market-report-2019?utm_source=Atish

About Us:Orbis Research (orbisresearch.com) is a single point aid for all your Market research requirements. We have vast database of reports from the leading publishers and authors across the globe. We specialize in delivering customized reports as per the requirements of our clients. We have complete information about our publishers and hence are sure about the accuracy of the industries and verticals of their specialization. This helps our clients to map their needs and we produce the perfect required Market research study for our clients.

Contact Us:Hector CostelloSenior Manager Client Engagements4144N Central Expressway,Suite 600, Dallas,Texas 75204, U.S.A.Phone No.: +1 (972)-362-8199 ; +91 895 659 515

Visit link:
AES Encryption Software Market 2020 Global Industry Size, Demand, Growth Analysis, Share, Revenue and Forecast 2022 - The Think Curiouser

Encryption Software market research study provides an all-inclusive assessment of the market while propounding historical intelligence, actionable insights, and industry-validated & statistically-upheld market forecast. A verified and suitable set of assumptions and methodology has been leveraged for developing this comprehensive study. Information and analysis of key market segments incorporated in the report have been delivered in weighted chapters.

Global Encryption Software Market research report provides the historical, present & future situation of Market Size & Share, Revenue, the demand of industry and the growth prospects of the Encryption Software industry in globally. This Encryption Software Market report has all the important data and analysis of market advantages or disadvantages, the impact of Covid-19 analysis & revenue opportunities and future industry scope all stated in a very clear approach. Encryption Software market report also calculates the Market Impacting Trends, Strategic Analysis, Market DROC, PEST Analysis, Porters 5-force Analysis, Market News, sales channels, distributors and forecast to 2026.

Encryption Software market report covers profiles of the top key players in Encryption Software, with price, sales, revenue and global market share. The Encryption Software competitive situation, sales, revenue and global market share of top manufacturers are analyzed emphatically by landscape contrast.

Top key players covered in Encryption Software market research report:

Request for a sample report to browse TOC, full company coverage & many more @ https://www.in4research.com/sample-request/823

Encryption Software market segmentation based on the product Type and Applications, with sales, market share and growth rate.

Based on Product Type:

Break down of Encryption Software Applications:

Encryption Software market breakdown data are shown at the regional level, to show the sales, revenue and growth by regions.

Impact of COVID-19 on Encryption Software Market

The report also contains the effect of the ongoing worldwide pandemic, i.e., COVID-19, on the Encryption Software Market and what the future holds for it. It offers an analysis of the impacts of the epidemic on the international market. The epidemic has immediately interrupted the requirement and supply series. The Encryption Software Market report also assesses the economic effect on firms and monetary markets. Futuristic Reports has accumulated advice from several delegates of this business and has engaged from the secondary and primary research to extend the customers with strategies and data to combat industry struggles throughout and after the COVID-19 pandemic.

Get in touch to know more about the Impact of COVID-19 & Revenue Opportunities in Encryption Software Market: https://www.in4research.com/impactC19-request/823

Encryption Software Market Report Provides Comprehensive Analysis as Following:

Frequently Asked Questions

Ask for more details or request a custom report from our industry experts @https://www.in4research.com/customization/823

FOR ALL YOUR RESEARCH NEEDS, REACH OUT TO US AT:

Contact Name: Rohan S.Email: [emailprotected] Phone: +1 (407) 768-2028

Read more here:
Encryption Software Market Overview, Growth, Demand and Forecast Research Report to 2026 - The Market Feed

The ranks of WhatsApp alternatives have swelled over the years. The latest tech company to join this heavily-crowded space is Google, which has taken the plunge into instant messaging with Messages. Like WhatsApp, Messaging lets you start a video call, message and has a slew of other helpful features.

Google is filling the gap in Androids messaging capabilities through Messages a Rich Communication Service (RCS) based messaging application targeting Android users.

The tech titan paraded Messages an instant messaging app for text-based chats, media (images & videos), document sharing over data, or WiFi as an alternative to the hugely popular iMessage and Facebook-owned WhatsApp, which has over five billion installations. Messages by Google also competes with Telegram, another popular messaging application that has grown its footprint and has a 500 million+ user base.

Google partnered with several carrier networks, phone, and device makers to bring RCS to its global users. The Mountain View tech giant revealed that the application would be available throughout the world except those where RCS is not available. This includes China, Russia, Iran and North Korea.

See Also: Why Mobile Messaging Is Crucial for Customer Engagement: mGage Reveals

Drew Rowny, Product Lead for Messages, wrote in a blog post, Today, weve completed our global roll-out of chat features to make this modern messaging experience universal and interconnected for everyone on Android. Now anyone using Messages around the world has access to modern chat features either from their carrier or directly from Google.

Besides the global roll-out of Messages by Google, the company also announced end-to-end encryption (E2EE) for the instant messaging app. End-to-end encryption ensures that no one, including Google and third parties, can read the content of your messages as they travel between your phone and the phone of the person youre messaging, explains Rowny.

E2EE will be available as a beta test for select users who sign up for the Messages beta testing program. But theres a caveat E2EE for Messages will be available only for one-on-one chats and not for group conversations. Meanwhile, rivals apps such as WhatsApp, iMessage, Signal, and even Facebooks Messenger offer end-to-end encryption for one-on-one and group conversations. Telegram doesnt support E2EE, but it does offer Secret Chat, which is akin to E2EE.

E2EE for Messages will start rolling out to beta testers starting November and will continue next year.

Let us know if you liked this news on LinkedIn, Twitter, or Facebook. We would love to hear from you!

Read more here:
Google Serves Up Messages, a WhatsApp Alternative With End-to-End Encryption - Toolbox

This report on Encryption Management Solutions market, published by UpMarketResearch, is an in-depth analysis that studies crucial aspects of the market, which will assist clients to make right decision about their business investment plans and strategies. The market report entails a detailed information regarding the key segments and sub-segmentations including the product types, applications, and regions by examining the emerging market size, performance, and scope of each segment of the Encryption Management Solutions.

Keeping 2019 as the base year, the report evaluates the extensive data available of the Global Encryption Management Solutions Market for the historical period, 2015-2018 and assess the market trend for the forecast period from 2020 to 2026. With an aim to supply a robust assessment of the market, the report offers vital insights on industry growth opportunities and development, drivers and restrains for the Encryption Management Solutions market with focusing on consumers behavior and industrial trend for the prior years as well as the base year.

Request a sample before buying this report @ https://www.upmarketresearch.com/home/requested_sample/75062

One key aspect of the report is that it provides an extensive study on the impact of COVID-19 pandemic on the global market and explains how it would affect the future business operations of the industry. In short, UpMarketResearchs report provides an in-depth analysis of the overall market structure of Encryption Management Solutions and assesses the possible changes in the current as well as future competitive scenarios of the Encryption Management Solutions market. Reflecting the pandemic effects, the report also includes information regarding the changing market scenario, competition landscape of the companies, and the flow of the global supply and consumption.

Besides describing the market positions of various major key players for the Encryption Management Solutions market, the report makes a concrete assessment on the key strategies and plans formulated by them over the recent years. In addition to this, the report provides information about recent developments such as product launch, entering merger and acquisition, partnership and collaboration, and expansion of the production plants by some key players.

This report includes the estimation of market size for value (USD) and volume (K MT), with applying top-down and bottom-up approaches to estimate and validate the overall scope of the Encryption Management Solutions market. The report is prepared with a group of graphical representations, tables, and figures which displays a clear picture of the developments of the products and its market performance over the last few years. With this precise report, it can be easily understood the growth potential, revenue growth, product range, and pricing factors related to the Encryption Management Solutions market.

Request a sample before buying this report @ https://www.upmarketresearch.com/home/requested_sample/75062

The published report consists of a robust research methodology by relying on primary source including interviews of the company executives & representatives and accessing official documents, websites, and press release of the companies related to the Encryption Management Solutions market. It also includes comments and suggestions from the experts in the market especially the representatives from government and public organizations as well as international NGOs. The report prepared by UpMarketResearch is known for its data accuracy and precise style, which relies on genuine information and data source. Moreover, customized report can be available as per the clients wishes or specific needs.

Key companies that are covered in this report:

Check Point Software TechnologiesCisco SystemsIBMMicrosoftOracleSymantec

*Note: Additional companies can be included on request

The report covers a detailed performance of some of the key players and analysis of major players in the industry, segments, application, and regions. Moreover, the report also considers the governments policies in different regions which illustrates the key opportunities as well as challenges of the market in each region.

By Application:

BFSIHealthcareGovernmentRetailIT and telecom

By Type:

Disk EncryptionFolder Encryption Communication EncryptionCloud Encryption

As per the report by UpMarketResearch, the Encryption Management Solutions market is projected to reach a value of USDXX by the end of 2026 and grow at a CAGR of XX% through the forecast period (2020-2026). The report describes the current market trend of the Encryption Management Solutions in regions, covering North America, Latin America, Europe, Asia Pacific, and Middle East & Africa by focusing the market performance by the key countries in the respective regions. According to the need of the clients, this report can be customized and available in a separate report for the specific region.

You can also go for a yearly subscription of all the updates on Encryption Management Solutions market.

You can buy the complete report @ https://www.upmarketresearch.com/buy/encryption-management-solutions-market

Why you should buy this report?

This report provides a complete guideline for the clients to arrive an informed business decisions since it entails a comprehensive information, which will help the clients to understand better of the current & future market situation.

Apart from that, the report also answers some of the key questions given below:

If you have any questions on this report, please reach out to us @ https://www.upmarketresearch.com/home/enquiry_before_buying/75062

About UpMarketResearch

UpMarketResearch is a globally leading market research company that has an excellent group of long-year experienced team in the field of business research. We keep our priority to fulfil the needs of our customers by offering authentic and inclusive reports for the global market-related domains. With a genuine effort from a dedicated team of business experts, UpMarketResearch has been in the service for years by providing innovative business ideas and strategies for the current global market for various industries and set its benchmark in the market research industry.

We have a large support of database from various leading organizations and business executives across the globe. With this leverage, we excel at customized report as per the clients requirement and updating market research report on the daily basis with quality information.

Contact Info UpMarketResearchName Alex MathewsEmail [emailprotected]Website https://www.upmarketresearch.comAddress 500 East E Street, Ontario, CA 91764, United States.

Here is the original post:
Encryption Management Solutions Market, Share, Growth, Trends And Forecast To 2025 UpMarketResearch - Cheshire Media