A ban on cartoon nipples is just the tip of our censorship problem. – Stuff


Oliver Cain saw his online social media presence scrubbed because of an image depicting a shirtless man.

Virginia Fallon is a Stuff senior writer and columnist.

OPINION: I have to admit that when I first saw male nipples had been cancelled I thought it was funny.

Not really funny-funny but a sort of other-funny, an amusement that used to be rooted in anger long before it morphed into cynicism. Nonetheless, I laughed a little at the recent headline.

Women's nipples have been cancelled for ages, so it's only fair male mammilla should follow suit. There's not much difference between the little raised regions of tissue after all, and if one bare chest should be deemed offensive then equality dictates that so should all of them.

Then, dammit, I read the whole story, and it wasn't any sort of funny at all. Now I'm just back to being angry.


The social media ban was a nightmare for Cain, who lost access to clients and contacts across the globe.

Auckland artist Oliver Cain's social media was recently shut down following homophobic complaints about one of his works: a stylised painting of the chest of a man with blue skin and bright pink nipples.

The work was intended for an exhibition as part of Auckland's Pride festival, though when Omicron saw many of the events cancelled, Cain went ahead with his own show, paying for a few sponsored Instagram posts to advertise it.

Because the exhibition had a light homoerotic theme, Cain chose what he thought was the safest painting to feature online "because I know how some people can be". They were, and his account was blocked because he'd been posting "offensive content".

"Compare that to all the other shirtless people on Facebook and Instagram, and it doesn't really make sense," he said.

His first appeal to reinstate his account was denied and a subsequent one ignored, though after Stuff ran a story he's back up and running.


Photographer Mariana Waculicz had her work displayed at an exhibition in Levin removed due to complaints from the public due to the model's nipples being visible. She's pictured here with another of her pieces.

Until I read about Cain's experience I foolishly thought the only inoffensive nipples were those belonging to men. Now I realise there's a caveat: they have to belong to straight men.

Women's nipples are objectionable regardless of the sexual orientation of their owners, of course. Instagram bans them, and only permitted videos and pictures of breastfeeding in 2014 following pressure from activists. Even in the offline art world, Kiwis have long displayed the same prudish aversion to the tiny little things.

Photographer Mariana Waculicz had a work banned from a 2017 exhibition for depicting a topless woman in a river, and that same year The NZ Woman's Weekly refused to run a breast cancer awareness advertisement showing Aucklander Anete Smith topless after a mastectomy.

Smith's reconstructed breasts and nipples were displayed in a gorgeous re-creation of Rubens' painting Samson and Delilah, something the magazine's editor said could be deemed inappropriate by readers. Instead, they ran an ad featuring a different woman who did not have nipples after her mastectomy.

It's probably unsurprising I have a tale about the time a single nipple nearly got me cancelled.

While pregnant, I posed topless in a bath of milk for an exhibition about new and expectant parents, and the resulting image offended some viewers. The gallery owner demanded the picture be removed, the artist fought back, and the work remained displayed next to one of a newborn snuggled against his father's naked chest. That was 21 years ago: look how far we've come.

The issue of cancelling nipples in art is about inequality, deep sexism, and perpetuating shame of our bodies. Gender and sexual orientation should have nothing to do with what makes nipples offensive, if indeed they ever are.

By the way, at that long-ago exhibition my young son stood before my photo and studied it silently for a very long time.

"That's a pretty picture, Mum," he said eventually, "I like your smile."


Is 2022 the year encryption is doomed? – TechRepublic


Quantum technology that the world's superpowers are developing, if successful, will render many current encryption algorithms obsolete overnight. Whoever has access to this technology will be able to read almost any encrypted data or message.

Organizations need to pay attention to this emerging technology and take stock of the encryption algorithms in use, while planning to eventually upgrade these. Quantum computers already exist as proof-of-concept systems. For the moment, none are powerful enough to crack current encryption, but the private and public sectors are investing billions of dollars to create powerful systems that will revolutionize computing.

Nobody knows when a powerful quantum computer will become available, but we can predict the effects on security and prepare defenses.

Classical computers operate using bits of information. These bits exist in one of two states, either 1 or 0. Quantum computers operate in a different, but analogous way, operating with qubits. A qubit exists in a mixed state that is both partly 1 and partly 0 at the same time, only adopting a final state at the point when it is measured. This feature allows quantum computers to perform certain calculations much faster than current computers.

Quantum computers cannot solve problems for which current systems are unable to find solutions. However, some calculations take too long for practical application with current computers. With quantum computing's speed, these calculations could become trivial to perform.

One example is finding the prime factors of large numbers. Any whole number greater than 1 can be written as a product of prime numbers, but for large numbers finding these primes currently takes an incredibly long time. Public-key encryption algorithms rely on this fact to ensure the security of the data they encrypt.

It is the impractical amount of time involved, not the impossibility of the calculation, which secures public-key encryption. An approach named Shor's algorithm can rapidly find such prime factors but can only be executed on a sizable quantum computer.

We know that we can break current public-key encryption by applying Shor's algorithm, but we are waiting for a suitably powerful quantum computer to become available to implement this. Once someone develops a suitable quantum computer, the owner could break any system reliant on current public-key encryption.


Creating a working, sizable quantum computer is not a trivial matter. A handful of proof-of-concept quantum computing systems have been developed in the private sector. Although quantum research has been identified as a strategic priority for many countries, the path forward is less clear. Nevertheless, China has made quantum technology part of its current five-year plan and is known to have developed functional quantum systems to detect stealth aircraft and submarines, and to have deployed quantum communication with satellites.

We know the difficulties in creating a sizable quantum system. What we don't know is if one of the global superpowers has overcome these and succeeded. We can expect that whoever is first to create such a system will be keen to keep it secret. Nevertheless, we can anticipate clues that will indicate a threat actor has developed a functional system.

Anyone possessing the world's most powerful decryption computer will find it difficult to resist the temptation to put it to use. We would expect to see a threat actor seeking to collect large quantities of encrypted data in transit and data at rest, possibly by masquerading as criminal attacks.

Currently, experts do not observe the volume of network redirection attacks that would be expected for the large-scale collection of data, nor do we see the large-scale exfiltration of stored encrypted data. This is not to say that such attacks don't happen, but they are less frequent or audacious than might be expected if a state-sponsored threat actor was collecting data at scale.

Nobody knows when current encryption techniques will become obsolete. But we can prepare by upgrading encryption algorithms to those believed to be resistant to quantum attack. NIST is preparing standards for post-quantum encryption. In the meantime, the NSA has produced guidelines that offer guidance before relevant standards are published.

Encrypted, archived data is also at risk. Organizations may wish to consider if old data is still required. Wiping obsolete data may be the best defense against having the data stolen.

Until a sizable quantum computer is built and made available for research, we cannot be certain about the capabilities of such a system. It is possible that physical constraints will mean that such a system is not practical to build. Certainly, programming quantum computers will require new software engineering practices. It is also possible that programming shortcuts will be found that allow the practical breaking of encryption with a smaller quantum computer than currently expected.

Post-quantum standards and advice from governmental entities are welcome to guide organizations in transitioning to a quantum-secure environment. However, such advice may not reflect the state-of-the-art of malicious actors.


At some point, many current encryption algorithms will become instantly vulnerable to attack. In anticipation of this moment, organizations should take stock of the encryption algorithms they use and the associated key lengths. Where possible, systems should migrate to use AES-256 encryption, use SHA-384 or SHA-512 for hashing, and extend key lengths beyond 3072 bits as an interim measure.
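One way to take the stock described above, as an added example that is not part of the original article: a Python script that checks a constructed inventory against the article's interim targets (AES-256, SHA-384 or SHA-512, public keys beyond 3072 bits). The inventory format, the function names, the choice of RSA, DH and DSA as the public-key families, and the reading of "beyond 3072" as strictly greater are assumptions.

```python
import csv
import io
import re
from dataclasses import dataclass

# Constructed sample inventory (not real systems): system,usage,algorithm
SAMPLE_INVENTORY = """\
vpn-gateway,key-exchange,DH-2048
web-frontend,certificate,RSA-2048
code-signing,signature,RSA-4096
backup-archive,bulk-encryption,AES-128-CBC
database-tde,bulk-encryption,AES-256-GCM
firmware-update,hash,SHA-256
log-integrity,hash,SHA-512
legacy-hsm,bulk-encryption,3DES
"""

# Targets taken from the article's interim guidance.
MIN_AES_BITS = 256
OK_HASHES = {"SHA-384", "SHA-512"}
PUBKEY_FLOOR_BITS = 3072  # article: extend key lengths "beyond 3072 bits"
# Assumption: public-key families whose key length is checked here.
PUBKEY_FAMILIES = {"RSA", "DH", "DSA"}

# Report order: things to change first, things already on target last.
SEVERITY = ["upgrade", "review", "interim", "ok"]


@dataclass
class Finding:
    system: str
    algorithm: str
    status: str  # one of SEVERITY
    note: str


def classify(system, algorithm):
    """Compare one algorithm name with the article's interim targets."""
    alg = algorithm.strip().upper()

    m = re.fullmatch(r"AES-(\d+)(?:-[A-Z0-9]+)?", alg)  # AES-128-CBC, AES-256
    if m:
        if int(m.group(1)) >= MIN_AES_BITS:
            return Finding(system, alg, "ok", "meets the AES-256 target")
        return Finding(system, alg, "upgrade", "migrate to AES-256")

    if re.fullmatch(r"SHA-\d+", alg):  # SHA-1, SHA-256, SHA-512
        if alg in OK_HASHES:
            return Finding(system, alg, "ok", "meets the hashing target")
        return Finding(system, alg, "upgrade", "move to SHA-384 or SHA-512")

    m = re.fullmatch(r"([A-Z]+)-(\d+)", alg)  # RSA-2048, DH-4096
    if m and m.group(1) in PUBKEY_FAMILIES:
        if int(m.group(2)) > PUBKEY_FLOOR_BITS:
            # Longer keys are only the interim measure: the algorithm stays
            # exposed to Shor's algorithm once a large quantum computer exists.
            return Finding(system, alg, "interim",
                           "key length meets the interim measure; "
                           "plan the move to a post-quantum algorithm")
        return Finding(system, alg, "upgrade",
                       "extend key length beyond 3072 bits")

    # Anything the guidance does not name is surfaced, never silently passed.
    return Finding(system, alg, "review",
                   "not covered by the guidance; assess manually")


def audit(inventory_text):
    """Classify every inventory row and return findings, worst first."""
    findings = []
    for row in csv.reader(io.StringIO(inventory_text)):
        if not row or row[0].lstrip().startswith("#"):
            continue  # blank line or comment
        if len(row) != 3:
            findings.append(Finding(row[0].strip(), ",".join(row[1:]),
                                    "review", "malformed inventory row"))
            continue
        system, _usage, algorithm = (field.strip() for field in row)
        findings.append(classify(system, algorithm))
    return sorted(findings, key=lambda f: SEVERITY.index(f.status))


if __name__ == "__main__":
    for f in audit(SAMPLE_INVENTORY):
        print(f"{f.status:8} {f.system:16} {f.algorithm:12} {f.note}")
```
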

Anyone implementing encryption software should consider the algorithm life span and provide users with the ability to change encryption strength and algorithm as necessary.

Quantum computing is a major focus of research and investment. Physical constraints mean that current chip architectures are difficult to advance further. Practical quantum computer systems will bring large gains in computing power and allow new computational techniques to be applied to solve problems that are currently impractical to calculate.

One application of a new quantum computer will be breaking encryption. When such a system is developed, its existence is likely to be kept secret. However, there are likely to be indicators in the actions of sophisticated threat actors that will betray the system's operation.

Reviewing and improving encryption implementations well in advance of the deployment of a functional quantum computer is vital to ensure the continued confidentiality of information. Take stock of encryption currently in use and plan how to upgrade this if necessary.

We might not be able to predict when such a system will be deployed against us, but we can prepare our response in advance.

For more information, visit the Cisco Newsroom's Q&A with Martin.

Author Martin Lee is technical lead of security research within Talos, Cisco's threat intelligence and research organization. As a researcher within Talos, he seeks to improve the resilience of the Internet and awareness of current threats through researching system vulnerabilities and changes in the threat landscape. With 19 years of experience within the security industry, he is CISSP certified, a Chartered Engineer, and holds degrees from the universities of Bristol, Cambridge, Paris and Oxford.


Google Meet gets in-meeting reactions, PiP, end-to-end encryption and more – TechCrunch

Google announced a major update to Google Meet today that includes a number of long-requested features and plenty that you didn't even know you needed. There is a long list here, but the main additions are likely in-meeting reactions to give immediate emoji-based feedback, updates to the Meet companion mode, the ability to use Meet right inside of Docs, Sheets and Slides, as well as a new picture-in-picture mode so you can more easily ignore a meeting and the ability to stream a meeting to YouTube.

Security is another highlight of today's announcement. Starting in May, Google is rolling out client-side encryption in Meet, which is currently still in beta. With this, users have full control over the encryption keys and the identity provider used to access those keys. Later this year, Google will also introduce optional end-to-end encryption for all meetings. Currently, all Meet data is encrypted in transit.


"Since 2020, it's become increasingly clear that human connection is crucial," said Dave Citron, Google's director of product management for Google Meet and Voice, in a press briefing ahead of today's announcement. "We know we need solutions that help people build connections that can bridge the gap between physical spaces and the somewhere else."

He noted that a lot of these updates today focus on collaboration equity, that is, the ability to contribute to meetings regardless of location, role, experience level, language and device preference. One example for this is companion mode, which launched earlier this year and allows users to join a video meeting on a second screen. Now, Google is updating this with personal video tiles for every participant in a hybrid meeting, even if they are in a conference room with other participants. "This update will work towards making those in physical space have the same experience as those who are working remotely," Citron explained.


Like too many features Google announces these days, these updates will roll out later this year. This also means you'll have to wait until next month to regale your co-workers with emojis during a meeting to help teams celebrate wins, offer support and share the love, as a Google spokesperson called it.

Picture-in-picture mode will also roll out next month, while automatic noise cancellation on Google Meet hardware is now rolling out to all users on Meet-enabled Logitech, Acer and Asus hardware.

The ability to stream to YouTube, which most companies will probably use for webinars and similar outward-facing meetings, is coming later this year.

Google also today announced a couple of updates to Spaces, but you're probably using Slack, so you can find more information about those here.


Security experts fear the DMA will break WhatsApp encryption – The Verge

On March 24th, EU governing bodies announced that they had reached a deal on the most sweeping legislation to target Big Tech in Europe, known as the Digital Markets Act (DMA). Seen as an ambitious law with far-reaching implications, the most eye-catching measure in the bill would require that every large tech company (defined as having a market capitalization of more than €75 billion and a user base of more than 45 million people in the EU) create products that are interoperable with smaller platforms. For messaging apps, that would mean letting end-to-end encrypted services like WhatsApp mingle with less secure protocols like SMS, which security experts worry will undermine hard-won gains in the field of message encryption.

The main focus of the DMA is a class of large tech companies termed gatekeepers, defined by the size of their audience or revenue and, by extension, the structural power they are able to wield against smaller competitors. Through the new regulations, the government is hoping to break open some of the services provided by such companies to allow smaller businesses to compete. That could mean letting users install third-party apps outside of the App Store, letting outside sellers rank higher in Amazon searches, or requiring messaging apps to send texts across multiple protocols.

But this could pose a real problem for services promising end-to-end encryption: the consensus among cryptographers is that it will be difficult, if not impossible, to maintain encryption between apps, with potentially enormous implications for users. Signal is small enough that it wouldn't be affected by the DMA provisions, but WhatsApp, which uses the Signal protocol and is owned by Meta, certainly would be. The result could be that some, if not all, of WhatsApp's end-to-end messaging encryption is weakened or removed, robbing a billion users of the protections of private messaging.

Given the need for precise implementation of cryptographic standards, experts say that there's no simple fix that can reconcile security and interoperability for encrypted messaging services. Effectively, there would be no way to fuse together different forms of encryption across apps with different design features, said Steven Bellovin, an acclaimed internet security researcher and professor of computer science at Columbia University.

"Trying to reconcile two different cryptographic architectures simply can't be done; one side or the other will have to make major changes," Bellovin said. "A design that works only when both parties are online will look very different than one that works with stored messages .... How do you make those two systems interoperate?"

Making different messaging services compatible can lead to a lowest common denominator approach to design, Bellovin says, in which the unique features that made certain apps valuable to users are stripped back until a shared level of compatibility is reached. For example, if one app supports encrypted multi-party communication and another does not, maintaining communications between them would usually require that the encryption be dropped.

Alternatively, the DMA suggests another approach, equally unsatisfactory to privacy advocates, in which messages sent between two platforms with incompatible encryption schemes are decrypted and re-encrypted when passed between them, breaking the chain of end-to-end encryption and creating a point of vulnerability for interception by a bad actor.

Alec Muffett, an internet security expert and former Facebook engineer who recently helped Twitter launch an encrypted Tor service, told The Verge that it would be a mistake to think that Apple, Google, Facebook, and other tech companies were making identical and interchangeable products that could easily be combined.

"If you went into a McDonald's and said, 'In the interest of breaking corporate monopolies, I demand that you include a sushi platter from some other restaurant with my order,' they would rightly just stare at you," Muffett said. "What happens when the requested sushi arrives by courier at McDonald's from the ostensibly requested sushi restaurant? Can and should McDonald's serve that sushi to the customer? Was the courier legitimate? Was it prepared safely?"

Currently, every messaging service takes responsibility for its own security, and Muffett and others have argued that by demanding interoperability, users of one service are exposed to vulnerabilities that may have been introduced by another. In the end, overall security is only as strong as the weakest link.

Another point of concern raised by security experts is the problem of maintaining a coherent namespace, the set of identifiers that are used to designate different devices in any networked system. A basic principle of encryption is that messages are encoded in a way that is unique to a known cryptographic identity, so doing a good job of identity management is fundamental to maintaining security.

"How do you tell your phone who you want to talk to, and how does the phone find that person?" said Alex Stamos, director of the Stanford Internet Observatory and former chief security officer at Facebook. "There is no way to allow for end-to-end encryption without trusting every provider to handle the identity management... If the goal is for all of the messaging systems to treat each other's users exactly the same, then this is a privacy and security nightmare."

Not all security experts have responded so negatively to the DMA. Some of the objections shared previously by Muffett and Stamos have been addressed in a blog post from Matrix, a project geared around the development of an open-source, secure communications standard.

The post, written by Matrix co-founder Matthew Hodgson, acknowledges the challenges that come with mandated interoperability but argues that they are outweighed by benefits that will come from challenging the tech giants' insistence on closed messaging ecosystems.

"In the past, gatekeepers dismissed the effort of [interoperability] as not being worthwhile," Hodgson told The Verge. "After all, the default course of action is to build a walled garden, and having built one, the temptation is to try to trap as many users as possible."

But with users generally happy to centralize trust and a social graph in one app, it's unclear whether the top-down imposition of cross-platform messaging is mirrored by demand from below.

"iMessage already has interop: it's called SMS, and users really dislike it," said Alex Stamos. "And it has really bad security properties that aren't explained by green bubbles."


Skiff lands $10.5M to build out its end-to-end encrypted workspaces – TechCrunch

Six months after launching its end-to-end encrypted document editor, Skiff has bagged another $10.5 million in fresh funding to build out private and collaborative workspaces for its burgeoning customer base.

We wrote about Skiff last year ahead of its launch: Skiff is a web app that has much of the same document-writing and sharing capabilities as Google Docs but is built on a foundation of end-to-end encryption, so Skiff does not have access to users' documents like Google does. The startup already has more than 20,000 people using its platform, leaps ahead of the 8,000 waitlisted users it had when we first spoke to the company last May.

But it's the end-to-end encryption platform that Skiff relies on that holds the keys to the company's future. Now with $10.5 million in Series A funding in the bank, Skiff's co-founders Andrew Milich and Jason Ginsberg tell TechCrunch that the company is working toward becoming the application layer for the decentralized web.

A core part of the company's efforts has been on decentralization, a process that allows its users to take ownership of their data. Over the past year Skiff has partnered with Protocol Labs to offer decentralized storage, known as IPFS, or the Interplanetary File System, which allows Skiff to encrypt their documents and scatter them across a network of storage hosts, as well as integrating MetaMask, letting users sign in to Skiff using a portable crypto wallet instead of an email address.

"The way we look at it is Web 2.0 is really about moving information around and web3 is about moving value around," said Ginsberg, Skiff's CTO, in a call. "Data is the most valuable thing on the internet, and our goal is that you really should own your own data."

Ginsberg said the company is focused on growing its product offering, such as communication, and allowing users to share more kinds of data on its platform.

"We see hundreds of millions of people choosing privacy products not really meeting the needs of working together remotely, and so that's really where we see Skiff coming in. There's tons of different products that we could do along those lines. We're most interested right now in exploring products that not just deal with the document side of things, but also the communication side," said Ginsberg.

Milich, the startup's chief executive, said the round, led by Sequoia as a returning investor, will help the company build out those new products that also rely on end-to-end encryption, like communication. Skiff currently has a team of 15 employees dotted across the globe, Milich said. The Series A brings Skiff's total funding to about $14 million.

"Skiff is building an amazing team and visionary products to lead this moment," said Konstantine Buhler, a partner at Sequoia. "We couldn't be more excited to double down."


Encryption is key to data protection, but not all strategies look alike – Healthcare IT News

Cyber threats against healthcare organizations have been ramping up in the past few years, with highly publicized ransomware attacks leading to weeks-long network shutdowns at some institutions.

Experts warn that the situation may only worsen as bad actors become more sophisticated and as some get a boost from state-sponsored entities.

Anurag Lal, CEO of NetSfere, which provides companies with security and message-delivery capabilities, caught up with Healthcare IT News to discuss what he sees as the most pressing cyber threat, how organizations can protect themselves and how his experience as director of the U.S. National Broadband Task Force helped shape his perspective on these issues.

Q. Why are healthcare organizations particularly vulnerable to attacks?

A. Healthcare organizations are more at risk for cyber threats for a number of reasons. One, their systems are typically outdated and slower, and less secure as a result. Additionally, the pandemic accelerated the digitization of the healthcare industry, and an estimated 93% of healthcare organizations experienced some sort of data breach over the past two years.

These rushed transformation processes and outdated systems, combined with less centralized workplaces due to remote and hybrid work, create a large amount of risk for attacks.

Another reason healthcare organizations are more vulnerable is because their data is extremely valuable to hackers. Medical records and billing info create a huge target on the back of healthcare systems. Stolen health records may sell [for] up to 10 times more than credit card information on the dark web.

Q. What steps can organizations take to protect themselves?

A. Communicating efficiently and securely to protect patient and company data should remain a top priority as healthcare organizations become more digital. When deploying new communication channels, both internally between employees and with patients and providers, encryption is key.

Not all encryption is the same, though. End-to-end encryption is the gold standard when it comes to safe communications, verifying that messages are protected through every step of the process.

It's also important to educate employees on the dangers of phishing scams, as the majority of security breaches are a result of human error.

Q. On a related note, how can an organization be cognizant of protecting its communications with providers and patients?

A. Similarly to protecting themselves, healthcare organizations can protect their communications with providers and patients by modernizing communication channels and ensuring compliance. Regulations like the Health Insurance Portability and Accountability Act require healthcare organizations to follow specific (and stringent) standards for Protected Health Information, including sensitive patient information like medical histories and test results.

At the end of the day, the patient and their information are the priority and should be protected as such.

Q. What actions should the federal government be taking to address this threat?

A. The government should proactively implement safeguards to protect U.S. institutions from an inevitable cyberattack attempt.

One example is encouraging organizations to require Zero Trust Security and end-to-end-encryption [E2EE]. The idea behind the Zero Trust Security model is to "never trust, always verify" to protect data and intellectual property most securely. All resources are continuously authenticated, verified and authorized.

As I mentioned earlier, with E2EE, data is encrypted on the sender's system or device, and only the intended recipient is able to decrypt and read the message. Ensuring that business communication is locked down in this way applies zero-trust principles to mobile messaging and collaboration.

Q. You were director of the U.S. National Broadband Task Force under the Obama administration. How did that experience help shape your perspective on these issues?

A. During my time working on the Task Force, I saw in real time the very serious threats that exist and saw how cyberattacks affected other governments. For example, [bad actors linked to the] Russian government hacked the Ukrainian power grid, resulting in nationwide outages. Later, [they] installed malware on Ukraine's accounting software, causing billions of dollars in damages.

Q. Do you have any predictions for the next few years in the cybersecurity sector?

A. I predict that cyberattacks will become more technologically advanced, so our ability to protect organizations and governments will need to become more advanced alongside them. This is evidenced by skyrocketing cyberattacks with 1,862 publicly reported breaches in the U.S. in 2021, up more than 68% from 2020.

Kat Jercich is senior editor of Healthcare IT News. Twitter: @kjercich. Email: kjercich@himss.org. Healthcare IT News is a HIMSS Media publication.


IT professionals wary of government campaign to limit end-to-end encryption – ComputerWeekly.com

IT professionals have spoken out against a government-backed campaign to limit end-to-end encryption, arguing that it will not make the world safer and is likely to cause more harm than good.

In a survey carried out by BCS, The Chartered Institute for IT, 78% of industry professionals said they did not believe restricting the use of end-to-end encryption (E2EE) in messaging would protect users.

The poll of 1,000 IT professionals was launched in response to the UK government-backed No Place to Hide campaign, which warns that further roll-out of end-to-end encryption would make it more difficult to police child sexual abuse.

The Home Office-backed campaign claims that social media sites are willfully blindfolding themselves to child sexual abuse by introducing end-to-end encryption on messaging services.

Meta, the owner of Facebook, has come in for particular criticism over its plans to introduce end-to-end encryption to its Instagram and Facebook messenger services.

End-to-end encryption is already widely available in messaging apps such as Signal, Telegram, Wickr and Meta's WhatsApp, which offer varying degrees of security, depending on how they are configured.

A steering group of charities, led by Barnardo's, the Lucy Faithfull Foundation, the Marie Collins Foundation and SafeToNet, are driving the work. Police forces, including the National Crime Agency (NCA), are also backing the campaign.

"Rolling out end-to-end encryption without safety measures in place would be like turning the lights off on the ability to identify child sex abusers online. These plans will mean that social media companies can no longer see the abuse that happens on their platforms," the campaign groups said in January.

BCS director of policy Bill Mitchell said: "Whilst we can appreciate the government's aim is to make the internet a safer place, a balance has to be struck when it comes to end-to-end encryption.

"Now is not the time to weaken technology that is so fundamentally important to our security. There should be more exploration of the alternatives before we go down the road of rolling back E2EE, especially in this time of war, when secure messaging is a vital tool for truth-telling across the world."

According to the poll, 66% of specialists said restricting end-to-end encryption would have a negative impact on protecting society at large.

Encrypted messaging has since become increasingly important to the people of Ukraine, with a large rise in usage being reported, including by journalists, the BCS said.

Some 70% of IT professionals were not confident it was possible to have both truly secure encryption and the ability to check encrypted messages for criminal material.

Many industry experts said they were worried about the possibility of increased surveillance from governments, police and the technology companies that run the online platforms. Other concerns were around the protection of financial data from hackers if end-to-end encryption was undermined.

There were concerns that wider sharing of secret keys, or centralised management of encryption processes, would significantly increase the risk of compromising the confidentiality they are meant to preserve.

BCS's Mitchell said: "It's odd that so much focus has been on a magical backdoor when other investigative tools aren't being talked about. Alternatives should be looked at before limiting the basic security that underpins everyone's privacy and global free speech."

Government and intelligence officials are advocating, among other ways of monitoring encrypted material, technology known as client-side scanning (CSS) that is capable of analysing text messages on phone handsets and computers before they are sent by the user.

Proposals by Apple to compel iPhone users to accept updates that would automatically and covertly search shared images for possible abuse material and send reports to Apple or law enforcement agencies were condemned by 14 top computer scientists and cryptographers in October last year.

They concluded in a research paper, "Bugs in our pockets: The risks of client-side scanning", published by Columbia University, that the plans were unworkable, vulnerable to abuse, and a threat to safety and security, citing more than 15 ways in which states or malicious actors, and even targeted abusers, could turn the technology around to cause harm to others or society.

The No Place to Hide campaign states: "We are not opposed to end-to-end encryption in principle and fully support the importance of strong user privacy. Instead, our campaign is calling for social media companies to work with us to find a solution that protects privacy, without putting children at even greater risk."

Read the rest here:
IT professionals wary of government campaign to limit end-to-end encryption - ComputerWeekly.com

New York City DOE Serves As Reminder on Encryption Trust but Verify – The Daily Hodl

Eight hundred twenty thousand: that's how many NYC students were affected in 2022 by hackers who attacked a vulnerability in the school system's technology infrastructure. The breach occurred in software provided to the school system by Illuminate Education, and it resulted in access to names, birthdays, ethnicities and free-lunch statuses, among other items.

It is possible that the system was targeted with the hope of finding a treasure trove of SSNs or financial information, both items that we have been told were not collected. The attack was the result of the company failing to encrypt its platforms.

Chancellor David Banks, while calling for city, state and federal investigations, told The Post,

"We are outraged that Illuminate represented to us and schools that legally required, industry standard critical safeguards were in place when they were not."

Perhaps it might make sense to elected officials unfamiliar with cybercrime that a company's assurances in regard to encryption and other cybersecurity measures are sufficient.

However, this attack isn't unique. So many institutions relying on external technology providers simply take their word for it when it comes to security, and it isn't unique to public schools, which may not feel that they are a top-tier target for cybercrimes.

Consider the number of cryptocurrency exchanges and other DeFi marketplaces that have seen exploitations and breaches. Many exchanges and marketplaces are more interested in the business of garnering new customers than keeping user assets safe.

As a consequence, they utilize technology that is no match for the skill set of today's hackers. Many times, though, they aren't rich in technological knowledge. Even CTOs are without extensive experience in preventing sophisticated cyberattacks. Often, they outsource their entire security apparatus, relying entirely on the claims of external providers and vendors.

The mistake is not in utilizing outside vendors. In fact, finding a provider that has more significant experience in building the technology infrastructure required for your business is often an excellent idea. The mistake is in trusting a provider without verifying the quality of their work. It isn't enough for a vendor to say that they offer industry-standard encryption services.

There's nothing more important to a digital asset exchange's long-term success than its ability to keep those assets safe. It is incumbent on the operator of an exchange, or in this case, the school district, to ensure that they are prudently spending their cybersecurity funds. Any company that collects personal information or financial data has a duty to be a good steward of the trust they have been given.

You may think that school districts and cryptocurrency exchanges have a vastly different set of challenges. In some ways, that is true. Different kinds of hackers target different kinds of entities, utilizing different skill sets. But fundamentally, both must be prepared to deal with bad actors.

In this attack, teachers saw homework completion decrease significantly. And the system was also used to track Covid-19. When the system went down in January, so did their ability to track student exposure. There were real consequences in this failure to protect students. And while the attack wasn't one that saw $600 million in assets disappear, as we recently saw in the exploitation of the Ronin sidechain, it was one that could have been avoided.

Fundamentally, we as a society must hit the reset button on cybersecurity. We need to throw out the old playbook and develop a new vision for dealing with cutting-edge threats, especially with an ever-expanding cyberwar brewing as a result of the Russia-Ukraine conflict. The urgent need for a paradigm shift has never been greater.

Richard Gardner is the CEO of Modulus. He has been a globally recognized subject matter expert for more than two decades, offering complex insight and analysis on cryptocurrency, cybersecurity, financial technology, surveillance technology, blockchain technologies and general management best practices.


The global bank encryption software market is set to register a CAGR of 13.39% during the forecast period, 2022-2030 – GlobeNewswire

New York, March 29, 2022 (GLOBE NEWSWIRE) -- Reportlinker.com announces the release of the report "GLOBAL BANK ENCRYPTION SOFTWARE MARKET FORECAST 2022-2030" - https://www.reportlinker.com/p06248464/?utm_source=GNW

MARKET INSIGHTS

Bank encryption software is a data protection platform that enables banks to exchange transaction detail documents with their consumers. Hassle-free data service and high security are among the several benefits offered by bank encryption software. Governments and businesses are generating voluminous data at a rapid rate. This further leads to usability problems in terms of storing and managing the data.

These aspects impact the efficient functioning and profitability of businesses. As a result, measures like big data implementation are being incorporated to tackle these issues.

For instance, as per the stats, the global banking sector is incorporating big data analytics into its infrastructure. In addition, data generated by banks can aid in creating personalized and new offers for their consumers, help manage risks, and offer enhanced customer services. Besides, such data surges will need security for safe storage and protection in cyberspace.

Therefore, there is a growing demand for encryption software for data protection. However, the market growth is restrained by implementation issues and compromised software integrity.

REGIONAL INSIGHTS

The global bank encryption software market growth assessment includes the geography analysis of North America, Europe, Asia-Pacific, and Rest of World. North America is the largest region in the global market with regard to revenue share, attributed to the growing cybersecurity awareness and favorable policies.

COMPETITIVE INSIGHTS

The intense industrial rivalry is accredited to the presence of established players. Some of the key players in the market are Lookout Security, Intel Corporation, ESET, IBM, etc.

Our report offerings include: key findings of the overall market; a strategic breakdown of market dynamics (Drivers, Restraints, Opportunities, Challenges); market forecasts for a minimum of 9 years, along with 3 years of historical data for all segments, sub-segments, and regions; market segmentation catering to a thorough assessment of key segments with their market estimations; geographical analysis, with assessments of the mentioned regions and country-level segments with their market share; key analytics (Porter's Five Forces Analysis, Vendor Landscape, Opportunity Matrix, Key Buying Criteria, etc.); a competitive landscape, which is the theoretical explanation of the key companies based on factors, market share, etc.; and company profiling, with a detailed company overview, product/services offered, SCOT analysis, and recent strategic developments.

Companies mentioned:
1. BITDEFENDER PVT
2. BROADCOM INC
3. DELL TECHNOLOGIES INC
4. ESET
5. IBM
6. INTEL CORPORATION
7. LOOKOUT SECURITY
8. MCAFEE CORP
9. MICROSOFT CORPORATION
10. NETSKOPE INC
11. PROTEGRITY PVT
12. THALES GROUP
13. TREND MICRO INC
14. WINMAGIC DATA SECURITY SOLUTION

Read the full report: https://www.reportlinker.com/p06248464/?utm_source=GNW

About Reportlinker

ReportLinker is an award-winning market research solution. Reportlinker finds and organizes the latest industry data so you get all the market research you need - instantly, in one place.


Is the XX messenger the future of private communication? – CNBCTV18

While most messaging apps promise end-to-end encryption, they suffer from 2 fundamental flaws.

Firstly, they are usually governed by a central authority and depend on centralized servers. These servers store all the metadata of your conversations and are vulnerable to attacks. Further, the central authority also controls your data, and they can use it as they deem fit.

The second problem is that end-to-end encryption will become obsolete once we enter the age of quantum computing (more on this later).

To address these issues, a new generation of messaging apps has emerged. They are decentralized, quantum-resistant and will effectively future-proof private communication. And at the forefront of these up-and-coming messaging apps is the xx messenger.

The xx network

The xx network is a full-stack platform with a layer one blockchain that is quantum resistant. It is one of the most private communications networks in the world right now. One unique aspect of the network is that its communication layer even obfuscates the metadata of your chats. This provides an added level of security.

Any application or blockchain platform can route its traffic to the xx network for secure and quantum-proofed end-to-end communication.

The crowning jewel of the network is its decentralized messaging application, xx messenger. It embodies all the features that the xx network promises. It is an end-to-end quantum secure messaging application that obfuscates metadata.

Both the xx network and the messenger are the creation of David Chaum, a computer scientist and cryptographer known as the 'godfather of cryptocurrency'. In 1982, way before Satoshi Nakamoto published his now-famous white paper, Chaum published a dissertation titled "Computer Systems Established, Maintained, and Trusted by Mutually Suspicious Groups". This was the first blockchain protocol to exist.

Features of the xx messenger

xx messenger is not just a proof-of-concept utilizing state of the art quantum technology; it is a full-fledged messenger with modern features expected from any top-of-the-line messaging application. It offers popular features such as group chats, audio, and video sharing. It is also very easy to sign up on xx messenger. You do not have to link an existing account, number, or email ID.

Instead, you only have to provide a pseudonym. This makes it free from any form of real-world identification. The application only relies on its underpinning privacy-preserving technology to give users the ultimate privacy communication experience.

The quantum computing problem

We have repeatedly used the phrases 'quantum protected' and 'quantum proofing', but to really appreciate this feature, we must understand what quantum computing refers to in this context.

Quantum computing applies the principle of quantum physics to the world of computers. Quantum physics relates to understanding problems and physical concepts at atomic and sub-atomic levels. The working of a computer or its smallest unit, a transistor, can also be put in terms of quantum physics.

Today's computers use the binary digits - 0 and 1 - as the most basic level of instruction. In machine language, 1 refers to a true statement, and 0 refers to a false statement. A combination of these digits can be used to form complex instructions, and that is how all computer instructions are formed.

But due to the concept of 'Quantum superposition', it is possible for a machine to read both digits simultaneously. While quantum computers do not exist now, experts believe that it is only a matter of time before they do. These computers will be extremely powerful and would be able to crack the encryption standards we use today in minutes.

Chaum and his team at xx network have developed a quantum secure consensus algorithm known as xxBFT consensus to circumvent this problem.

The consensus model ensures that the network is protected from quantum computing attacks. The application's message mixing protocol, called xx cMix, ensures that encryption cannot be broken and also provides a metadata shredding feature.

A decentralized network

On the other side of privacy is decentralization. It ensures that no organization, third-party or even the xx network itself can access a sender's or recipient's data. The xx messenger is built on top of the decentralized xx network.

The xx network uses a randomly selected pool of nodes on the network to help encrypt messages in sets of 1,000. The nodes continuously shuffle these messages and encrypt them. The nodes have an incentive to participate in the encryption: they are rewarded in the blockchain's native currency for their effort in securing the network.

The xx network is also an open-source platform, meaning anyone with the technical know-how can contribute to the network and any application on it, including the xx messenger. The source code of the application is written in the Golang programming language.

The xx messenger aims to fill a gap in the market by providing a decentralized and quantum secure infrastructure that is robust and easy to use. The application is currently available for download on both iOS and the Android Play Store.
