Enlarge / Conceptual computer artwork of electronic circuitry with blue and red light passing through it, representing how data may be controlled and stored in a quantum computer.

Getty Images

In the not-too-distant futureas little as a decade, perhaps, nobody knows exactly how longthe cryptography protecting your bank transactions, chat messages, and medical records from prying eyes is going to break spectacularly with the advent of quantum computing. On Tuesday, a US government agency named four replacement encryption schemes to head off this cryptopocalypse.

Some of the most widely used public-key encryption systemsincluding those using the RSA, Diffie-Hellman, and elliptic curve Diffie-Hellman algorithmsrely on mathematics to protect sensitive data. These mathematical problems include (1) factoring a key's large composite number (usually denoted as N) to derive its two factors (usually denoted as P and Q) and (2) computing the discrete logarithm that key is based on.

The security of these cryptosystems depends entirely on how difficult it is for classical computers to solve these problems. While it's easy to generate keys that can encrypt and decrypt data at will, it's impossible from a practical standpoint for an adversary to calculate the numbers that make them work.

The researchers estimated that the sum of the computation time for both of the new records was about 4,000 core-years using Intel Xeon Gold 6130 CPUs (running at 2.1 GHz). Like previous records, these were accomplished using a complex algorithm called the Number Field Sieve, which can be used to perform both integer factoring and finite field discrete logarithms.

Quantum computing is still in the experimental phase, but the results have already made it clear it can solve the same mathematical problems instantaneously. Increasing the size of the keys won't help, either, since Shor's algorithm, a quantum-computing technique developed in 1994 by American mathematician Peter Shor, works orders of magnitude faster in solving integer factorization and discrete logarithmic problems.

Researchers have known for decades these algorithms are vulnerable and have been cautioning the world to prepare for the day when all data that has been encrypted using them can be unscrambled. Chief among the proponents is the US Department of Commerce's National Institute of Standards and Technology (NIST), which is leading a drive for post-quantum cryptography (PQC).

On Tuesday, NIST said it selected four candidate PQC algorithms to replace those that are expected to be felled by quantum computing. They are: CRYSTALS-Kyber, CRYSTALS-Dilithium, FALCON, and SPHINCS+.

CRYSTALS-Kyber and CRYSTALS-Dilithium are likely to be the two most widely used replacements. CRYSTALS-Kyber is used for establishing digital keys that two computers that have never interacted with each other can use to encrypt data. The remaining three, meanwhile, are used for digitally signing encrypted data to establish who sent it.

"CRYSTALS-Kyber (key-establishment) and CRYSTALS-Dilithium (digital signatures) were both selected for their strong security and excellent performance, and NIST expects them to work well in most applications," NIST officials wrote. "FALCON will also be standardized by NIST since there may be use cases for which CRYSTALS-Dilithium signatures are too large. SPHINCS+ will also be standardized to avoid relying only on the security of lattices for signatures. NIST asks for public feedback on a version of SPHINCS+ with a lower number of maximum signatures."

The selections announced today are likely to have significant influence going forward.

"The NIST choices certainly matter because many large companies have to comply with the NIST standards even if their own chief cryptographers don't agree with their choices," said Graham Steel, CEO of Cryptosense, a company that makes cryptography management software. "But having said that, I personally believe their choices are based on sound reasoning, given what we know right now about the security of these different mathematical problems, and the trade-off with performance."

Nadia Heninger, an associate professor of computer science and engineering at the University of California, San Diego, agreed.

"The algorithms NIST chooses will be the de facto international standard, barring any unexpected last-minute developments," she wrote in an email. "A lot of companies have been waiting with bated breath for these choices to be announced so they can implement them ASAP."

While no one knows exactly when quantum computers will be available, there is considerable urgency in moving to PQC as soon as possible. Many researchers say it's likely that criminals and nation-state spies are recording massive amounts of encrypted communications and stockpiling them for the day they can be decrypted.

Read more:
The cryptopocalypse is nigh! NIST rolls out new encryption standards to prepare - Ars Technica

Google recently released new features for its SaaS data warehouse BigQuery which include column level encryption functions and dynamic masking of information. These features add a second layer of defense on top of access control to help secure and manage sensitive data.

Specifically, dynamic masking of information can be used for real-time transactions whereas column level encryption provides additional security for data at rest or in motion where real-time usability is not required.

These new features could be useful for companies that store personally identifiable information (PII) and other sensitive data such as credit-card data and biometric information. Companies that store and analyze data in countries where data regulation and privacy mandates are evolving, face ongoing risks from data breaches and data leakage and need to control data access, and these companies may also benefit from the new features.

Column-level encryption enables the encryption and decryption of information at column level, which means that the administrator can select which column is encrypted and which is not. It supports the AES-GCM (non-deterministic) and AES-SIV (deterministic) encryption algorithms. Functions support AES-SIV to allow for grouping, aggregation, and joins on encrypted data. This new feature enables some new use cases: when data is natively encrypted in BigQuery and must be decrypted when accessed, or where data is externally encrypted, stored in BigQuery, and must then be decrypted when accessed.

Column-level encryption is integrated with Cloud Key Management System (Cloud KMS) to provide the administrator more control, to allow management of the encryption keys in KMS, and to enable on-access secure key retrieval as well as detailed logging. Cloud KMS can be used to generate the KEK (key encryption key) that encrypts the DEK (data encryption key) that encrypts the data in BigQuery columns. Cloud KMS uses IAM (identity and access management) to define roles and permissions. KEK is a symmetric encryption keyset that is stored in Cloud KMS, and referencing an encrypted keyset in BigQuery reduces the risk of key exposure.

The BigQuery documentation explains:

At query execution time, you provide the Cloud KMS resource path of the KEK and the ciphertext from the wrapped DEK. BigQuery calls Cloud KMS to unwrap the DEK, and then uses that key to decrypt the data in your query. The unwrapped version of the DEK is only stored in memory for the duration of the query, and then destroyed.

In one example of a use case, the ZIP code is the data to be encrypted and a non-deterministic functions decrypt data when it is accessed by using the function in the query that is being run on the table.

From BigQuery documentation

In a second example, the AEAD deterministic function can decrypt data when it is accessed by using the function in the query that is being run on the table and supports aggregation and joins using the encrypted data.

From BigQuery documentation

In this way even a user who is not allowed to access the encrypted data can perform a join.

Before the release of column level encryption feature, the administrators need to make copies of the datasets with data obfuscated in order to manage the right accesses to groups. This creates an inconsistent approach to protecting data, which can be expensive to manage. Column level encryption increases the security level because each column can have its own encryption key instead of a single key for the entire database. Using column level encryption allows faster data access because theres less encryption data.

Dynamic masking of information, released in preview, allows more control to administrators who can choose, combined with the column-level access control, to grant full access, no access to data or masked data extending the column-level security. This capability selectively masks column-level data at query time based on the defined masking rules, user roles and privileges. This feature allows the administrators to obfuscate sensitive data and control user access while mitigating the risk of data leakage.

Thanks to this new feature, sharing data is easier, because the administrators can hide information selectively and the tables can be shared with large groups of users. At application level, the developers dont need to modify the query to hide sensitive data, after the data masking is configured at BigQuery level, the existing query automatically hides the data based on the roles the user is granted. Last but not least, the application of security is more easy, because the administrator can write the security rule once and then apply it to any number of columns with tags.

Any masking policies or encryption applied on the base tables are carried over to authorized views and materialized views, and masking or encryption is compatible with other security features such as row-level security.

Both new features can be used to increase security, manage access control, comply with privacy law, and create safe test environments. Allow a more consistent way to manage tables with sensitive data, the administrators dont need to create multiple datasets with encrypted (or not) data and share these copies with right users.

Read the original post:
Google's BigQuery Introduces Column-Level Encryption Functions and Dynamic Masking of Information - InfoQ.com

Tech companies could be fined $25 million (18 million) or ten percent of their global annual revenue if they don't build suitable mechanisms to scan for child sex abuse material (CSAM) in end-to-end encrypted messages and an amended UK law is passed.

The proposed update to the Online Safety bill [PDF], currently working its way through Parliament, states that British and foreign providers of a "regulated user-to-user service" must report any shared child sexual exploitation and abuse (CSEA) content to the country's National Crime Agency. The amendment to the legislation makes it clear that companies must develop software capable of peering into messages, even end-to-end encrypted chatter, to actively detect and report CSEA material to the authorities or face sanctions.

Truly secure end-to-end encrypted messages can only be read by those participating in the conversation, not network eavesdroppers nor the app's makers. However, it is possible for chat software developers to add a filter, potentially on each device, that automatically scans for certain illegal material before it's encrypted and sent or after it's received and decrypted.

How well that computer-vision process would work in practice, and whether the false positive rate causes people's private and lawful chatter to be beamed to the government, remains to be seen. Netizens may also not trust that just CSEA content is being reported.

Alternatively, an app maker could engineer their service and code to intercept and inspect the messages as they whiz between a conversation's participants, but that would undermine the whole end-to-end nature. And stuff that isn't end-to-end encrypted can be monitored as the app or service provider chooses.

However which way it's implemented, the British Conservative government, or what's left of it after a ministerial revolt against Prime Minister Boris Johnson, wants communications, encrypted or not, to be screened for CSEA material, and has positioned its Online Safety bill to that effect.

"Things like end-to-end encryption significantly reduce the ability for platforms to detect child sexual abuse," the UK's Home Secretary Priti Patel well, Home Secretary at time of writing on Wednesday argued earlier in the day. "The Online Safety Bill sets a clear legal duty to prevent, identify, and remove child sexual abuse content, irrespective of the technologies they use. Nobody can sensibly deny that this is a moral imperative."

If the legislation is passed by Parliament, Ofcom the UK's communications watchdog will have the power to force tech companies to pay penalties if this inspection system isn't implemented. "The onus is on tech companies to develop or source technology to mitigate the risks, regardless of their design choices. If they fail to do so, Ofcom will be able to impose fines of up to 18 million or [ten percent] of the company's global annual turnover depending on which is higher," Patel warned.

"We do not want to censor anyone or restrict free speech, but we must do more to combat these foul, hugely destructive crimes," she added.

Building in automatic detection of CSEA content is controversial. Engineers, legal experts, and activists have highlighted the risks of developing such capabilities. It may torpedo users' privacy, and potentially gives government officials a foot in the door to monitoring people's conversations. For instance, these filters, once implemented, could be expanded beyond child abuse.

Patel, however, believes changes to encryption systems to support this scanning can still preserve users' privacy while combating CSEA: "The UK government wholeheartedly supports the responsible use of encryption technologies We, and other child safety and tech experts, believe that it is possible to implement end-to-end encryption in a way that preserves users' right to privacy, while ensuring children remain safe online."

"If end-to-end encryption is implemented without the relevant safety mitigations in place, this will become much harder. It will significantly reduce tech companies' and law enforcement's ability to detect child sexual abuse happening online. This is obviously unacceptable," she said.

Last year, Apple quietly paused plans to scan for CSAM on iPhones. Apple's detection scheme was heavily criticized by academics and advocacy groups.

"Once this capability is built into Apple products, the company and its competitors will face enormous pressure and potentially legal requirements from governments around the world to scan photos not just for CSAM, but also for other images a government finds objectionable," declared a letter signed by more than 90 human-rights groups.

The Online Safety bill also attempts to tackle disinformation by getting social networks to filter out state-made interference, and reduce the distribution of stolen information for the purposes of undermining democracy.

The likes of YouTube may also be banned from removing news content until publishers and outlets have had a chance to appeal.

Read the original post:
Tech world may face huge fines if it doesn't scrub CSAM from encrypted chats - The Register

The proxy vs VPN debate addresses two different methods of accessing the internet anonymously. Both make it appear as if you've established a connection from a different IP address by routing traffic through a remote server. This may be particularly important if youre concerned about the privacy of your personal data and your browsing habits.

However, while these technologies do similar things, they dont work in the same way, and knowing the difference can have significant implications for your online security. In this article, we take a closer look at the differences between proxies and VPNs, how they can be best used, and who will find them most useful. Lets see how they stack up against one another.

A proxy is a type of server that acts as a middle-man for internet traffic and data. It redirects internet traffic from a particular application to a different location before routing it to its eventual destination. By masking your IP address, it gives the impression that the traffic originated somewhere else.

There are various types of proxies, each with different features. For example, a proxy may be what is referred to as transparent. With a transparent proxy, the connection between your computer and the internet is intercepted. You might request to view a certain website page, but this is not delivered to you directly from that websites server, but rather via a transparent proxy running on your network. However, because your experience of using that website is exactly the same, the proxy is transparentyou are possibly even entirely unaware that it is there. However, the owner of the network on which the transparent proxy is running will be able to monitor your activity.

On the other hand, with a non-transparent proxy, you will have been required to first configure your browser to send its requests explicitly to the proxys IP address and sometimes to enter authentication details in your settings.

VPN stands for virtual private network. Similar to a proxy, a VPN also acts as a go-between for internet traffic and data. The main distinction is how they utilize encryption. VPNs tend to be significantly more secure than proxies because, at the same time as concealing your IP address, they also build an encryption tunnel between your computer and the server, making data interception nearly impossible. NordVPN (opens in new tab)and ExpressVPN (opens in new tab) are powerful examples of platforms that do this.

Its also important to note that a VPN protects your entire computer, redirecting and encrypting all your internet traffic rather than just that of a single application, as in the case of a proxy.

A VPN, therefore, serves as a secure gateway to the internet. Most popular devices, such as your phone, laptop, and desktop, can run VPN software. One thing to keep in mind is that a VPN service provider is not an internet service provider (ISP). To access the internet, you'll still need an ISPyour VPN will run atop that connection.

Deciding on whether to use a proxy or a VPN will depend on your individual needs. Let's use video streaming as an example. If youre out of the country, but want to stream video content that is exclusively available to users in the United States, you could use a US-based proxy server to access the streaming site. Certain platforms like SmartProxy (opens in new tab)excel at this, but some providers, like Netflix, are starting to block proxies.

Proxies can also help prevent users from being bombarded with unwanted advertisements, or to avoid the capture of IP-specific data. Large organizations often find transparent proxies especially beneficial. For example, they can be used in schools to restrict access to age-inappropriate websites, or businesses might use them to block the use of distracting social media platforms.

However, proxies are not suitable for activities such as online banking and shopping. Here, your security may be jeopardized if your personal details aren't safeguardedand youll need encryption for this. A VPN is therefore a superior option for users who want to share sensitive information or engage in other activities where its important to keep data safe, such as torrenting. Theyre particularly useful when using public WiFi.

VPN companies also tend to be more proficient when it comes to accessing geo-locked content, as they provide a higher level of online anonymity and security. For this reason, a VPN may be best overall if you want to watch Netflix or Hulu from a different region.

One downside is that due to the encryption process, the use of a VPN can sometimes cause a noticeable decrease in internet speed. However, there are numerous fast VPN applications available, with speeds improving all the time. Because data encryption places a greater demand on your devices resources, VPNs can also be a slightly more expensive option than proxy servers. There are, however, many excellent inexpensive VPNs to choose from, as well as some good free ones.

Proxies and VPNs share similarities in that they both employ the use of a remote server to mask your IP address and redirect internet traffic through it. The major difference between the two is encryption, and it is for this reason that VPNs far outperform proxy servers (opens in new tab)when it comes to secure browsing, especially on public WiFi networks.

With a huge range of options available, its not always easy to choose the perfect software for you. To help you in the decision-making process, weve recommended some of our favorites. Take a look at our guides to the best VPN services and the best proxy services (opens in new tab) of 2022.

Read more:
Proxies vs VPN: What is the difference? - TechRadar

Quantum technologies are expected to unlock transformative opportunities in computing, sensing and communications. At the same time, they introduce unique challenges for current operating practices across government and industry. Perhaps most alarmingly, quantum computers capable of breaking encryption could exist as early as the end of the next decade. Thankfully, we already have a roadmap for protecting sensitive systems and data against this threat. Recognizing the complexity of translating this roadmap into practice, the White...

READ MORE

Quantum technologies are expected to unlock transformative opportunities in computing, sensing and communications. At the same time, they introduce unique challenges for current operating practices across government and industry. Perhaps most alarmingly, quantum computers capable of breaking encryption could exist as early as the end of the next decade. Thankfully, we already have a roadmap for protecting sensitive systems and data against this threat. Recognizing the complexity of translating this roadmap into practice, the White House has initiated several recent executive actions to accelerate whole-of-government preparation for quantum technology capable of disrupting U.S. infrastructure and interests.

In this article, we untangle how quantum technology threatens cybersecurity and outline what organizations can do today to begin protecting sensitive assets against quantum attacks.

The internet relies on multiple cryptographic techniques to meet different information storage and communications needs. Public key (or asymmetric) cryptography has become an especially popular mechanism for encrypting information in the digital age because it sidesteps symmetric cryptographys logistical challenge of sharing a single key. Public key cryptography rests on the assumption that we can effectively secure information behind certain difficult math problems, and it has successfully delivered on that promise since the 1970s. Certain calculations are so computationally onerous that they are practically impossible to solve, even with todays best supercomputers. But quantum technology is changing the rules of the game.

Quantum computers will solve certain types of problems exponentially faster than todays computers, which we call classical computers. But faster is a bit misleading; against certain problem sets, quantum computers enable entirely new capabilities. Some of these are incredibly exciting and offer opportunities to revolutionize public service missions. Others threaten the foundation of modern data protection as they decompose the difficult math problems we rely on for cybersecurity. Quantum changes what constitutes a hard math problem by requiring it to be difficult for both classical and quantum computers. To meet this new standard, the field must identify new cryptographic algorithms. Ultimately, this transition will require organizations to identify and update vulnerable cryptography with quantum-resistant alternatives, referred to as post-quantum cryptography (PQC). The urgency around PQC has grown tremendously in the last year, but weve been headed for this inflection point for a long time.

When we talk about the quantum cyber threat, we often talk about factoring. Factoring is one of the computationally intractable problems enabling public key encryption today. For example, RSA encryption uses factoring to establish a mathematical relationship between a public and private key. Without knowing one of the factors in the published public key, decomposing the large number into its primes is so computationally onerous that we have been able to effectively conceal information behind this calculation for half a century. However, in 1994, Peter Shor demonstrated that this approach would not remain secure forever. Quantum computers can solve these problems efficiently, leaving RSA-encrypted information vulnerable when the quantum hardware necessary to implement Shors algorithm reaches scale.

If weve known about this possibility since the 1990s, what changed to drive the urgency were seeing today? The simplest answer is quantum computing capacity. When Shor developed the algorithm capable of breaking RSA encryption, it was not clear if we would ever have a quantum computer capable of executing it. Today, we know that it is a question of when, not if. The National Institute of Standards and Technology and the Department of Homeland Security warn we could see a quantum computer capable of breaking current encryption methods as early as the end of the next decade. That may sound far away, but those familiar with the complexity of this and other cryptographic transitions know that were up against a challenging timeline to transition to PQC.

PQC refers to the suite of classical algorithms designed to be difficult for both classical and quantum computers. NIST is in the final stages of standardizing these algorithms and NSA has already recommended PQC as our front-line solution for quantum-safe cybersecurity. In parallel, DHS recently published guidance to help federal agencies begin planning for PQC. In January 2022, the White House issued National Security Memorandum VIII (NSM-8) updating Executive Order 14028 to include new PQC transition requirements for national security systems. Additional requirements followed in May 2022, continuing to build momentum for the whole-of-government transition required for post-quantum cybersecurity. The Executive Order on Enhancing the National Quantum Initiative Advisory Committee reinforced the strategic importance of this technology area by establishing that the committee shall now report directly to the President in addition to its previous duties. NSM-10 emphasizes the urgency of PQC transitions by establishing an annual assessment and review cadence to ensure progress in a national quantum-safe cyber posture. NSM-10 also reflects the importance of parallel efforts in the private sector and tasks NIST with creating public-private partnerships to encourage private entities adoption of shared PQC migration standards.

Organizations must start planning their transition today to ensure the appropriate protections are in place for their most sensitive assets before quantum computers capable of breaking public key encryption emerge. NIST suggests that it may be decades before the community replaces most of the vulnerable public-key systems currently in use given the complexity of transitioning to PQC. If we really do see cryptographically relevant quantum computers by the end of the decade, thats time we dont have. NIST also called special attention to the fact that the community cannot expect PQC algorithms to function as drop-in replacements. Every agencys migration will be unique, intensifying the importance of early prototypes to identify PQCs effects on application and network performance. By auditing their cybersecurity infrastructure, organizations can identify vulnerable cryptography and develop comprehensive strategies for prototyping, implementing and maintaining security against both quantum and classical threats.

Jordan Kenyon, PhD is a senior lead scientist at Booz Allen Hamilton. JD Dulny, PhD is a director and serves as Booz Allens firm-wide quantum lead. The Booz Allen quantum team focuses on the science and impact of quantum technologies to client missions.

Read more:
In the quantum era, cybersecurity is a race against the clock - Federal News Network