Quantum computers stand a good chance of changing the face computing, and that goes double for encryption. For encryption methods that rely on the fact that brute-forcing the key takes too long with classical computers, quantum computing seems like its logical nemesis.

For instance, the mathematical problem that lies at the heart of RSA and other public-key encryption schemes is factoring a product of two prime numbers. Searching for the right pair using classical methods takes approximately forever, but Shors algorithm can be used on a suitable quantum computer to do the required factorization of integers in almost no time.

When quantum computers become capable enough, the threat to a lot of our encrypted communication is a real one. If one can no longer rely on simply making the brute-forcing of a decryption computationally heavy, all of todays public-key encryption algorithms are essentially useless. This is the doomsday scenario, but how close are we to this actually happening, and what can be done?

To ascertain the real threat, one has to look at the classical encryption algorithms in use today to see which parts of them would be susceptible to being solved by a quantum algorithm in significantly less time than it would take for a classical computer. In particular, we should make the distinction between symmetric and asymmetric encryption.

Symmetric algorithms can be encoded and decoded with the same secret key, and that has to be shared between communication partners through a secure channel. Asymmetric encryption uses a private key for decryption and a public key for encryption only. This enables public-key cryptography: the public key can be shared freely without fear of impersonation because it can only be used to encrypt and not decrypt.

As mentioned earlier, RSA is one cryptosystem which is vulnerable to quantum algorithms, on account of its reliance on integer factorization. RSA is an asymmetric encryption algorithm, involving a public and private key, which creates the so-called RSA problem. This occurs when one tries to perform a private-key operation when only the public key is known, requiring finding the eth roots of an arbitrary number, modulo N. Currently this is unrealistic to classically solve for >1024 bit RSA key sizes.

Here we see again the thing that makes quantum computing so fascinating: the ability to quickly solve non-deterministic polynomial (NP) problems. Whereas some NP problems can be solved quickly by classical computers, they do this by approximating a solution. NP-complete problems are those for which no classical approximation algorithm can be devised. An example of this is the Travelling Salesman Problem (TSP), which asks to determine the shortest possible route between a list of cities, while visiting each city once and returning to the origin city.

Even though TSP can be solved with classical computing for smaller number of cities (tens of thousands), larger numbers require approximation to get within 1%, as solving them would require excessively long running times.

Symmetric encryption algorithms are commonly used for live traffic, with only handshake and the initial establishing of a connection done using (slower) asymmetric encryption as a secure channel for exchanging of the symmetric keys. Although symmetric encryption tends to be faster than asymmetric encryption, it relies on both parties having access to the shared secret, instead of being able to use a public key.

Symmetric encryption is used with forward secrecy (also known as perfect forward secrecy). The idea behind FS being that instead of only relying on the security provided by the initial encrypted channel, one also encrypts the messages before they are being sent. This way even if the keys for the encryption channel got compromised, all an attacker would end up with are more encrypted messages, each encrypted using a different ephemeral key.

FS tends to use Diffie-Hellman key exchange or similar, resulting in a system that is comparable to a One-Time Pad (OTP) type of encryption, that only uses the encryption key once. Using traditional methods, this means that even after obtaining the private key and cracking a single message, one has to spend the same effort on every other message as on that first one in order to read the entire conversation. This is the reason why many secure chat programs like Signal as well as increasingly more HTTPS-enabled servers use FS.

It was already back in 1996 that Lov Grover came up with Grovers algorithm, which allows for a roughly quadratic speed-up as a black box search algorithm. Specifically it finds with high probability the likely input to a black box (like an encryption algorithm) which produced the known output (the encrypted message).

As noted by Daniel J. Bernstein, the creation of quantum computers that can effectively execute Grovers algorithm would necessitate at least the doubling of todays symmetric key lengths. This in addition to breaking RSA, DSA, ECDSA and many other cryptographic systems.

The observant among us may have noticed that despite some spurious marketing claims over the past years, we are rather short on actual quantum computers today. When it comes to quantum computers that have actually made it out of the laboratory and into a commercial setting, we have quantum annealing systems, with D-Wave being a well-known manufacturer of such systems.

Quantum annealing systems can only solve a subset of NP-complete problems, of which the travelling salesman problem, with a discrete search space. It would for example not be possible to run Shors algorithm on a quantum annealing system. Adiabatic quantum computation is closely related to quantum annealing and therefore equally unsuitable for a general-purpose quantum computing system.

This leaves todays quantum computing research thus mostly in the realm of simulations, and classical encryption mostly secure (for now).

When can we expect to see quantum computers that can decrypt every single one of our communications with nary any effort? This is a tricky question. Much of it relies on when we can get a significant number of quantum bits, or qubits, together into something like a quantum circuit model with sufficient error correction to make the results anywhere as reliable as those of classical computers.

At this point in time one could say that we are still trying to figure out what the basic elements of a quantum computer will look like. This has led to the following quantum computing models:

Of these four models, quantum annealing has been implemented and commercialized. The others have seen many physical realizations in laboratory settings, but arent up to scale yet. In many ways it isnt dissimilar to the situation that classical computers found themselves in throughout the 19th and early 20th century when successive computers found themselves moving from mechanical systems to relays and valves, followed by discrete transistors and ultimately (for now) countless transistors integrated into singular chips.

It was the discovery of semiconducting materials and new production processes that allowed classical computers to flourish. For quantum computing the question appears to be mostly a matter of when well manage to do the same there.

Even if in a decade or more from the quantum computing revolution will suddenly make our triple-strength, military-grade encryption look as robust as DES does today, we can always comfort ourselves with the knowledge that along with quantum computing we are also increasingly learning more about quantum cryptography.

In many ways quantum cryptography is even more exciting than classical cryptography, as it can exploit quantum mechanical properties. Best known is quantum key distribution (QKD), which uses the process of quantum communication to establish a shared key between two parties. The fascinating property of QKD is that the mere act of listening in on this communication will cause measurable changes. Essentially this provides unconditional security in distributing symmetric key material, and symmetric encryption is significantly more quantum-resistant.

All of this means that even if the coming decades are likely to bring some form of upheaval that may or may not mean the end of classical computing and cryptography with it, not all is lost. As usual, science and technology with it will progress, and future generations will look back on todays primitive technology with some level of puzzlement.

For now, using TLS 1.3 and any other protocols that support forward secrecy, and symmetric encryption in general, is your best bet.

Read this article:
Quantum Computing And The End Of Encryption - Hackaday

This morning, EFF and Mozilla called on Zoom to make their upcoming end-to-end encryption feature available to all 300 million of its users. We published an open letter urging Zooms CEO Eric Yuan not to exclude Zooms free customers from using their upcoming end-to-end encryption feature.

We applaud Zoom for building strong end-to-end encryption into their service. But by limiting this security enhancement to paid accounts, Zoom is denying privacy protections to the participants who may need them the most.

Zoom CEO Eric Yuan defended the decision to withhold strong encryption, saying, Free users for sure we dont want to give [them] that, because we also want to work together with the FBI, with local law enforcement. But many activists rely on Zoom as an organizing tool, including the Black-led movement against police violence. Given the long history of law enforcement targeting Black organizers for unconstitutional surveillance, this access raises serious concerns.

For decades, the DOJ and FBI have argued that their inability to access encrypted communications poses a serious threat to national security. But the idea that compromising on encryption will give special access to U.S. officials is a fallacy. Any mechanism that law enforcement uses to access Zoom users data will be vulnerable to oppressive regimes and other bad actors. We recognize that premium features are a key part of Zooms business model, but we strongly encourage them not to compromise the privacy and security of their users.

The ability to communicate privately is an essential feature of a free society. As more of our communication shifts to video calls, that feature shouldnt be reserved for those who can afford it.

June 8, 2020Eric YuanZoom Video Communications, Inc.

55 Almaden Boulevard, 6th FloorSan Jose, CA 95113

Dear Mr. Yuan,

While we were pleased to see Zooms plans for end-to-encryption, we are extremely surprised and concerned by the news that Zoom plans to offer this protection only to paying customers. We understand that Zoom is rightfully concerned about curbing child sexual abuse material (CSAM), but restricting end-to-end encryption to paid accounts is not the right solution.

As your own growth numbers demonstrate, Zoom is one of the most popular video-call platforms available. Recently, Mozilla conducted a U.S.-based survey that reiterated Zooms popularity among consumers. In this context, Zooms decisions about access to privacy and security features have enormous impact.

We strongly urge you to reconsider this decision given the following considerations:

In Mozillas letter to you in April, we highlighted our conviction that all users should have access to the strongest privacy and security features available. The value of privacy and security is even more critical today, especially for political organizers and protesters who may be the target of government surveillance.

Thank you for your openness to our previous recommendations we especially appreciate that you have already made important changes, such as prioritizing user consent to be unmuted. Our hope is that you consider this feedback and immediately adjust course.

Sincerely,

Ashley BoydVice President, Advocacy and EngagementMozilla Foundation

Gennie GebhartAssociate Director of ResearchElectronic Frontier Foundation

The rest is here:
Will Zoom Bring Encryption to the People Who Need It Most? - EFF

When Child sexual abuse material (CSAM), in the form of messages, are sent on WhatsApp, Telegram and other media, the real source of this information is often the web, including pornographic sites. The challenge lies in identifying the original source of the material and addressing that, a speaker said during MediaNamas workshop on identifying challenges to Encryption in India, The problem of identifying the source of the material is very tough. You cannot control who will take a video or an image and upload it to the Darknet. The web is easier, another speaker concurred. We have a problem at the DNS level, at the categorisation level: why cant ISPs join together and do it at a DNS level? Why cant we block these [specific] porn categories?

This workshop was held with support from the Internet Society (Asia Pacific Office), and was under the Chatham House rule; the quotes have thus not been attributed.

1. Mandatory reporting of pornographic material involving a child: There are laws and regulations that mandate reporting of CSAM, and compliance with the POCSO Act [Protection of Children Against Sexual Offences Act] is still being figured out.

As per the POCSO Act: Any person who has received any pornographic material involving a child or any information regarding such pornographic material either being stored or likely to be transmitted/distributed, shall report the contents to the SJPU [Special Juvenile Police Unit] or local police, or as the case may be, cyber-crime portal (cybercrime.gov.in). In addition, in case this is an intermediary, they shall also hand over the necessary material including the source from which such material may have originated. The report should include the details of the device in which it was noticed, and suspected device from which it was received, including the platform on which the content was displayed.

How intermediaries can comply with these requirements is still something being figured out, and something that platforms are struggling with how can such a thing be materialised, using available technological tools?

2. Non-cooperation of Intermediaries in reporting CSAM material: The lack of cooperation of intermediaries in reporting or assisting with detecting CSAM material in India ends up creating grounds for removal of encryption for monitoring of messages and groups:

Also read: Break end-to-end encryption to trace child porn distributors, make ISPs liable: Recommendations from Rajya Sabha Committee

3. Identification considerations:

A speaker pointed out that The government of India has the super-power to look into and obtain electronic evidence. In selective cases, when it is critical, you can talk to a company to tap into a device or an app to take evidence. Another said that if a message is shared with the police, you can tell whose device it is via the service provider. If you have information on one side of the message, then the whole purpose of E2E [end-to-end-encryption] is broken: If you have meta-data of those messages, you can point to the person himself. How do you know whose device it is? Via the service provider. Monitoring should be from the service provider perspective. Theres no need to break end to end encryption.

Online platforms, though, dont cooperate, according to another speaker: If I share a message with you, a screenshot, which indicates that at this time, this date, this device has been used to send this message. You have the phone number, through which you can access the device, through which you can access the person sending it. The platforms dont cooperate.

Breaking encryption is not possible, but there are workarounds, like usage of exploits, which can be used to provide access to mobile phones, one speaker said.

4. Concerns about proactive monitoring and usage of algorithms: Draft amendments to Indias Intermediary Liability rules call for platforms to use technological tools to proactively monitor content for taking down CSAM content, among other types of content. There are two key concerns here: Its a thin line, one speaker said. Proactive monitoring also translates to shoulder-surfing what someone is doing on an app.

Secondly, the effectiveness of algorithms is also a concern. While one speaker said that if you can use algorithms for serving content, for delivering advertising, surely you can do that for CSAM. Intermediaries have the resources and datasets to develop algorithms. At the same time, algorithms are entirely accurate, and accuracy will vary depending on one-to-one, one-to-many and many-to-many modes of matching. Algorithms also may not recognise context, as was famously demonstrated in Facebooks napalm girl incident.

Platforms can be an important source of learning for algorithms though: The source of content is porn sites, and they diversify, in terms of distribution, like Instagram and Facebook groups. Facebook and Instagram have jpeg level deep learning algos, and these groups are taken down consistently. Facebook and Instagram have information on how such sites operate. The historic information that they have, help taking down of pages, one speaker said. However, A solution invented for one platform cannot work on every platform.

5. VPN as a loophole: Even if traceability of individuals is possible at an ISP/Telecom operator level, those circulating CSAM material can use VPNs and proxy servers to bypass protections and restrictions.

What is the point of encryption if you can break it?

Questions that need clarification

Also in this series:

Read this article:
Encryption and issues related to Child Protection online - MediaNama.com

The so-called Election Administrators Prayer has nothing to do with ballot results or even turnout; its all about margin: Lord, let this election not be close.

The closer a contest is, the more significant any number of possible concerns become be they the kind of voter manipulation via social-media interference we saw in 2016, or undermined confidence stoked by unfounded claims that vote-by-mail expansion will lead to mass voter fraud.

Microsofts new vote-verification technology, ElectionGuard, cannot solve either of the above challenges. But it appears to do an effective job of battling at least one potential act of voting sabotage: hacking voting systems to alter votes. It does so by leveraging one of the most buzzed-about, longest-gestating cryptographic schemes in existence: homomorphic encryption.

In the simplest terms, homomorphic encryption allows computation to be performed on encrypted data, including in cloud environments, and produce an encrypted result, which can then be decrypted, with the end result being the same as if you did math on unencrypted data. Throughout the full cycle, from storage to analysis, the data could be interpreted and never be decrypted. (Think of a person being able to work with material inside a locked glove box, to borrow a metaphor favored by one HE pioneer.)

That portends a genuine breakthrough in privacy-preserving big data analytics, although it still has some growing up to do before it reaches commercial scalability. But when it comes to elections, its far closer to primetime.

Heres what it looks like in a voting context: ElectionGuard encrypts a voters choice, then produces a paper ballot to deposit, a paper ballot confirmation and a tracking code. The voter can then enter that tracking number online and confirm that their vote was counted correctly. If their vote had somehow been altered or tampered with, theyd have the receipts. Discrepancies would be readily apparent, and officials would have a backup of real votes.

Even if only a few voters double-checked their votes, that could go a long way.

If just one percent of voters nationally check that their ballots are correctly encrypted and tallied, it would be almost impossible for anyone to tamper with more than 100 votes out of 100 million without being caught, wrote Microsofts Alex Thornton on the companys blog.

Of course, the introduction of new tech into the voting process by nature has the potential to raise eyebrows. That fact isnt lost on Josh Benaloh, Microsoft Researchs senior cryptographer and the visionary behind ElectionGuard.

The pedagogy of explaining this has always been a challenge, he told Built In. Theres mathematics involved, [so] most voters dont want to hear about it. Certainly putting in electronics where electronics werent before might create suspicion, even if were putting it in ina verifiable way.

Election officials have justifiably gone from an innovation, what-can-we-do-better mindset to more of a preservation, how-can-we-have-a-vote-at-all mindset.

But the encryption scheme at the heart of ElectionGuard has long been considered a great match for voting security. And it appears to have performed well in its first major rodeo, a test pilot run during the spring primaries in Fulton, Wisconsin, in February. Microsoft didnt come across any major blind spots, and each voter that used the system was able to verify their vote.

Still, chances are low youll see ElectionGuard in your ballot booth in Novembers general election. Its definitely a longer play, Benaloh said. The hope was to have more pilots in 2020. That might still happen, but its not likely.

Election officials have justifiably gone from an innovation, what-can-we-do-better mindset to more of a preservation, how-can-we-have-a-vote-at-all mindset, he said.

RelatedA Tech Companys Guide to Deleting Personal Identifying Information

Thats not to say ElectionGuard and homomorphic encryption will be completely sidelined in November. The same HE scheme that underpins the confirmation system for the voter can also help election officials verify votes on their end.

After elections, officials perform risk-limiting auditing to ensure that physical ballots correspond to tallies. That includes a process called ballot comparison, wherein officials compare a number of randomly chosen individual ballots with an electronic record of ballots. That electronic record needs to be to some degree public-facing, to inspire voter confidence. But ballots show patterns, which means even an anonymized record is not secure enough.

ElectionGuards homomorphic encryption can bridge that gap. We can encrypt the electronic records in exactly the same way theyre encrypted for end-to-end verifiability during the vote, release the encryptions, and release a proof that these encryptions matched the announced tallies, Benaloh explained. Anytime a ballot is audited, we can open the encryption on that ballot and show that [the plain text] matches.

Its not the most exciting manifestation of ElectionGuard, Benaloh lamented. That would be the individual, voter-facing verification system and even that has hurdles to overcome, particularly for vote-by-mail. But its a promising step and a noteworthy achievement for a researcher whos devoted his professional life to election cryptography. (ElectionGuard is, in effect, a maturation of Benalohs 1987 thesis, and he studied under Ron Rivest the R in RSA who has also worked extensively in election-focused cryptography.)

And even a qualified win is notable, considering our non-nationalized election infrastructure infamously runs on such thin financial margins.

Asking election equipment vendors to spend any extra money [on innovation] when theyre basically [constantly] retooling their solution because every jurisdiction is difficult, he said. Its a hard ask for anybody.

One of the reasons homomorphic encryption is such a hand-in-glove fit for election security is because, at its core, voting tabulation is straightforward. Its just addition. ElectionGuard is an example of simple homomorphic encryption. Fully homomorphic encryption combines addition capabilities with multiplication capabilities. But even just those two primitives together have big consequences.

Its the only type of encryption that gives you those two properties, which is why its often considered to be the Holy Grail of cryptography, said Ellison Anne Williams, a former NSA cryptographer who in 2016 founded Enveil, which focuses on bringing HE to the commercial sector.

Getting to that point was a long time coming. Simple HE has been around for more than 40 years, nearly since the arrival of RSA. For years, people said, well, this multiplication-only doesnt have a lot of applications. Addition has a few, but itd be really nice if we could do both at the same time. And people looked at it and said, yeah, but thats probably not possible, and sort of swept it away.

It definitely is reaching and has reached in many use cases that level of maturity and commercial readiness, having been computationally impractical for the better part of 30 years before.

Then in 2009, cryptographer Craig Gentry finally successfully bridged the two and constructed the first fully homomorphic encryption scheme. It didnt take long for dreams of computing and analyzing encrypted data on commercial clouds to rev up again, and Gentry was awarded a MacArthur Genius grant for his groundbreaking research a few years later.

But even though Gentry had proven FHE was possible, it was still far from practical a computation under Gentrys 2009 scheme would have taken some trillion times longer than the same computation on unencrypted data. That absurd time overhead has come down some in the years since, from around 1025 to around 108 or 107 in some cases, according to Benaloh. Better, but still not practical.

RelatedIs Noisy Data Good Now? Differential Privacy Proponents Think So.

Despite the challenges, homomorphic encryption research is already finding its way to the commercial sector. At the aforementioned Enveil, Williams (left) has brought the expertise she refined at the NSA, where she researched encrypted search, mainly to finance. The company is also exploring healthcare and other industries with heavy privacy regulations. (Genomics analytics has attracted notable attention from homomorphic encryption researchers.)

At the center of Enveils services is the companys API-based software, which, as Williams explains, sits atop an organizations data at rest and data in transit and allows for some encrypted search and encrypted analytics sometimes over encrypted data, sometimes over unencrypted data.

We can take those searches or those analytics or those machine learning models, encrypt them, and then go run them anywhere our software is installed without ever decrypting them at any point during processing, she said. Thats powered by homomorphic encryption.

The secure-data-sharing aspect has applications in fighting money laundering, and in customer due diligence when financial services companies vet and verify new customers. A bank in the midst of these processes could securely gather data from banks in other jurisdictions or within its organization but across national lines, which would otherwise be impossible given privacy rules.

Thats essentially what Enveil demonstrated at a couple of tech sprint victories last year, when it ran an encrypted query across three banks in different jurisdictions to modify a risk score in a few seconds, which is unbelievable for homomorphic encryption return, said Williams, whose companys investors include MasterCard and Capital One Growth Ventures.

It definitely is reaching and has reached in many use cases that level of maturity and commercial readiness, having been computationally impractical for the better part of 30 years before, she said.

In recent years, theres also been a steady drip of open-source toolkits and libraries intended to get early-adopter developers experimenting with fully homomorphic encryption. Those include Microsofts SEAL and OpenMineds SEAL extension, TenSEAL, aimed at bringing homomorphic encryption to machine learning tensor operations. Last year Julia outlined a handwriting-recognition ML model using homomorphic encryption. And just this month IBM unveiled its HE toolkit for MacOS and iOS development.

The fact that IBMs toolkit was greeted with a mix of excitement and trepidation is perhaps emblematic of where things currently stand, especially in terms of general purpose fully homomorphic encryption. That remains almost never practical, but more and more specialized problems can be shoehorned in, Benaloh said. The trick involves structuring computation as much as possible toward addition and away from multiplication.

But thats not general purpose; thats case to case, Benaloh said.

Simpler computations think addition, averages, linear and close-to-linear are the present-day sweet spot on the way to, as they put it aptly I think the Holy Grail, he said.

In the meantime, working toward more secure elections will have to suffice.

RelatedYour Checklist for Switching to Kubernetes

More:
The Holy Grail of Encryption Can Help Secure Elections And That's Just the Beginning - Built In

INDUSTRY INSIGHT

With the COVID crisis pushing federal employees to work from home, were seeing a first-of-its-kind test for the way modern government functions. Even as agencies take great pains to ensure the security of messages, shared documents, video calls and phone chats across offices and missions, outdated computer systems or reliance on common communications platforms outside central offices opens an opportunity for exposure that could put government data at risk.

Only about 40% of the countrys 2.1 million federal workers were authorized to work remotely as of 2017, yet the pandemic has pushed larger agencies such as the Department of Health and Human Services, the Securities and Exchange Commission and the Energy Department to take precautions to prepare employees for a remote shift.

A large majority of intelligence workers still must go into work in highly secure government facilities where stringent policies and procedures ensure robust cyber protection, but for the rest of remote government workers, this could be a make-or-break moment.

As with many in the private sector, the rapid pace at which security threats have evolved has forced agencies to update and secure dated systems piecemeal. A gradual, lagging response to updating systems has now become a top priority due to the coronavirus. This has caused an exponential increase in federal agencies adopting end-to-end encryption (E2EE) as the only way to truly be sure that every employee -- from those working in federal buildings, running missions overseas, to those working from their kitchen counters -- can communicate securely, safe from cybercriminals and nation-state attackers.

From situation room to spare bedroom

The country as a whole made drastic changes to limit the virus spread, and so too did government agencies. They urged employees to sign remote working agreements and to be ready to telework full-time if necessary. Even as Zoom made its meteoric rise as the work-from-home videoconferencing standard, many agencies, including NASA, eschewed the service over privacy and security concerns, adding more confusion around which departments could use what tools.

But like most of the American workforce, government employees have been making this telework shift with little guidance and amid misinformation that can leave data exposed despite the best intentions. For example, although Zoom initially boasted about its E2E capabilities, it was only after a slew of headlines around Zoombombing that it became clear the company was marketing its services as E2EE, when in fact information was only encrypted client-to-server. This lower-grade security was adequate when Zooms use was more limited and sensitive conversations could happen in person, but it couldnt withstand the extra pressure applied when teams went fully remote and cybercriminals began to take advantage of increased use. When adapting to new conditions in real time, organizations often trust tools and take their claims at face value, but as the nation moves toward more remote work, tools must be scrutinized beyond their marketing claims.

Although the Department of Homeland Securitys Cybersecurity and Infrastructure Security Agency (CISA) released a checklist to help agencies make sure remote employees are operating as securely as possible, whats clear is that decades-old government computer services and networks cannot handle the massive remote access needed at the moment.

Nor can agencies control user behavior. Despite having the most powerful technology at their disposal, people are, more often than not, the cause of security breaches.

Basic steps

To stay secure, agencies must reduce human error, and that starts with educating every user on better practices, including the obvious warnings: Dont use public Wi-Fi; protect devices; use strong passwords and dont reuse them; back up all data; dont use work computers for personal matters; and attend regular security awareness training. Research shows that a third of all data breaches start with a user being fooled by a phishing scam into providing credentials or personal information, a technique thats become even more effective and popular with more reliance on email communication. IT staff should train all employees -- especially remote workers -- how to spot and thwart phishing emails and texts.

Another option is using a virtual private network, which provides a secure, private tunnel from the remote workers device to the network. Bad actors cannot easily access VPNs providing a secure connection -- especially those with E2EE -- even if the user is connecting over an unprotected public hotspot.

IT departments should also implement two-factor authentication for any work-from-home devices as an extra layer of protection for government devices and data, especially if passwords or other credentials are weak or leaked in a data breach. This extra step can involve email or text verification or fingerprint or face recognition depending on the importance of the data being protected.

Using essential encrypted communications

When it comes to the most sensitive data and communications, unauthorized access can be avoided via the use of the strongest E2EE.

Done correctly, E2EE gives electronic communication throughout agencies the same level of security and privacy as a face-to-face conversation, especially if the solution has ephemerality baked in. Messages or other communications are encrypted on a senders device, sent to the designated recipients device in an unreadable format, then automatically decoded for only the recipient.

No unencrypted data is stored on either device or on any third-party servers or networks. No individual or organization other than the intended recipient can decrypt messages, data or files, and users set message expiration times per the agencys data retention policies to meet all compliance standards.

There are several ways to ensure this degree of security, with varying levels of complexity. The easiest way is to find a solution that enables devices that guarantee E2EE as a digital lockbox. This means communications generate both a public and a private key. The public key is shared with anyone who encrypts a message, while the private key stays on the recipients device to decrypt the messages. A sender has the public key to put something in a lockbox and ostensibly secure it, but the recipient has the one and only key to unlock it.

If agencies can easily enact E2EE for remote workers, they can ensure that no bad actors can eavesdrop on government information. Clearly, different levels of encryption will be needed based on the sensitivity of the materials, but these fundamental steps can be taken. Superficially simple, but incredibly complex -- implementing rigorous E2EE protocols is the one essential way that agencies can remain as secure as possible while the workforce is stuck at home.

About the Author

Joel Wallenstrom is the CEO of Wickr.

More here:
Federal-grade encryption from the comfort of home - GCN.com

The AES Encryption Software market study added by Market Study Report, LLC, exhibits a comprehensive analysis of the growth trends present in the global business scenario. The study further presents conclusive data referring to the commercialization aspects, industry size and profit estimation of the market. The study also illustrates the competitive standing of leading manufacturers in the projection timeline whilst incorporating their diverse portfolio and regional expansion endeavors.

The research report on AES Encryption Software market comprises of an in-depth analysis of this business vertical, while evaluating all the segments of this industry landscape. The report provides with key insights regarding the competitive ambit as well as gross earnings of key market players. Moreover, the information concerning the regional contribution and the competitive landscape of the market is cited in the report.

Request a sample Report of AES Encryption Software Market at:https://www.marketstudyreport.com/request-a-sample/2464064?utm_source=coleofduty&utm_medium=AG

The COVID-19 pandemic has compelled various governments to impose strict lockdown which in turn has halted the operations and processes of several firms as well as manufacturing facilities, thereby affecting global economy. Additionally, numerous enterprises across the globe are witnessing scarcity of labor along with insufficient raw materials owing to the disease outbreak, which is estimated to result in modification in the growth of AES Encryption Software market in the forthcoming years.

Highlighting the major parts from the AES Encryption Software market report:

Elaborating on the regional scope of AES Encryption Software market:

Emphasizing on the competitive spectrum of AES Encryption Software market:

.

Ask for Discount on AES Encryption Software Market Report at:https://www.marketstudyreport.com/check-for-discount/2464064?utm_source=coleofduty&utm_medium=AG

Global AES Encryption Software Market: Segment Analysis

The research report includes specific segments such as application and product type. Each type provides information about the sales during the forecast period of 2015 to 2026. The application segment also provides revenue by volume and sales during the forecast period of 2015 to 2026. Understanding the segments helps in identifying the importance of different factors that aid the AES Encryption Software market growth.

Global Market: Competitive Landscape

In the competitive analysis section of the report, leading as well as prominent players of the global AES Encryption Software market are broadly studied on the basis of key factors. The report offers comprehensive analysis and accurate statistics on revenue by the player for the period 2015-2020. It also offers detailed analysis supported by reliable statistics on price and revenue (global level) by player for the period 2015-2020.

Other aspects of AES Encryption Software market research report:

.

.

Key Questions Answered in Global AES Encryption Software Market Report:

The Report Provides The Following Information:

For More Details On this Report: https://www.marketstudyreport.com/reports/global-aes-encryption-software-market-size-status-and-forecast-2020-2026

Related Reports:

1. COVID-19 Impact on Global Multicarrier Parcel Management Solution Market Size, Status and Forecast 2020-2026Read More: https://www.marketstudyreport.com/reports/covid-19-impact-on-global-multicarrier-parcel-management-solution-market-size-status-and-forecast-2020-2026

2. COVID-19 Impact on Global Online Program Management in Higher Education Market Size, Status and Forecast 2020-2026Read More: https://www.marketstudyreport.com/reports/covid-19-impact-on-global-online-program-management-in-higher-education-market-size-status-and-forecast-2020-2026

Read More Reports On: https://www.marketwatch.com/press-release/liver-fibrosis-drug-market-size-is-expected-to-exhibit-13290-million-usd-by-2025-2020-06-10

Contact Us:Corporate Sales,Market Study Report LLCPhone: 1-302-273-0910Toll Free: 1-866-764-2150 Email: [emailprotected]

See the original post:
AES Encryption Software Market Analysis, Size, Regional Outlook, Competitive Strategies and Forecasts to 2026 - Cole of Duty

IBM has released new toolkits for macOS and iOS that will make it possible for developers to begin incorporating fully homomorphic encryption (FHE) into their apps and services.

While the company has released toolkits for Apple's mobile and desktop operating systems on GitHub, it also plans to make them available for Linux and Android soon.

FHE is a technology that allows data to be analyzed and used while still being encrypted. Senior research scientist at IBM Research, Flavio Bergamaschi provided further insight on FHE in a blog post announcing the new toolkits, saying:

The common methods of storing and sharing sensitive data with colleagues and partners have weak links. Today, files are often encrypted in transit and at rest, but decrypted while in use. This provides hackers and insiders with repeated opportunities to exfiltrate unencrypted data. FHE plugs these holes. It allows the manipulation of data by permissioned parties while it remains encrypted, minimizing the time it exists in its most vulnerable state.

In an interview with ZDNet, Bergamaschi explained that FHE is well-suited for use in heavily-regulated industries like finance and healthcare where businesses are trying to protect extremely sensitive data.

Implementing FHE will likely require organizations to rewrite parts of the business logic used in their programs but this will lead to impressive security gains where data is encrypted at all times, even when in use.

In order to prove FHE's value when it comes to secure outsourcing such as when outsourcing computation from the cloud, IBM completed a proof of concept with Brazil's Bradesco Bank which is the second-largest bank in South America. The goal of this undertaking was to use FHE to securely analyze customer data with the aim of predicting whether someone would require a loan within the next three months.

IBM security researchers used a large data set made up of 360,000 customer IDs with 546 different features each and put a homomorphic encryption layer between the data and the analysts. The results of the proof of concept proved that predictions made using FHE could be delivered with the same accuracy as they could without encryption.

While FHE was first discussed in the late 1970s, it has taken a long time for it to become fast enough for everyday usage. Now though that IBM has released its first set of FHE toolkits, expect developers and organizations to begin incorporating the technology into their software.

Via ZDNet

Read more here:
iPhone and Mac data encrypted in use by IBM toolkit - TechRadar