Zoom Adopts NIST-Approved Post-Quantum End-to-End Encryption for Meetings

By: Newsroom — May 22^nd 2024 at 04:46

Popular enterprise services provider Zoom has announced the rollout of post-quantum end-to-end encryption (E2EE) for Zoom Meetings, with support for Zoom Phone and Zoom Rooms coming in the future. "As adversarial threats become more sophisticated, so does the need to safeguard user data," the company said in a statement. "With the launch of post-quantum E2EE, we are doubling down on

The Hacker News

Apple Unveils PQ3 Protocol - Post-Quantum Encryption for iMessage

By: Newsroom — February 22^nd 2024 at 16:25

Apple has announced a new post-quantum cryptographic protocol called PQ3 that it said will be integrated into iMessage to secure the messaging platform against future attacks arising from the threat of a practical quantum computer. "With compromise-resilient encryption and extensive defenses against even highly sophisticated quantum attacks, PQ3 is the first messaging protocol to reach

The Hacker News

Post-Quantum Cryptography: Finally Real in Consumer Apps?

By: The Hacker News — September 29^th 2023 at 11:48

Most people are barely thinking about basic cybersecurity, let alone post-quantum cryptography. But the impact of a post-quantum world is coming for them regardless of whether or not it's keeping them up tonight. Today, many rely on encryption in their daily lives to protect their fundamental digital privacy and security, whether for messaging friends and family, storing files and photos, or

The Hacker News

Google Introduces First Quantum Resilient FIDO2 Security Key Implementation

By: THN — August 16^th 2023 at 10:59

Google on Tuesday announced the first quantum resilient FIDO2 security key implementation as part of its OpenSK security keys initiative. "This open-source hardware optimized implementation uses a novel ECC/Dilithium hybrid signature schema that benefits from the security of ECC against standard attacks and Dilithium's resilience against quantum attacks," Elie Bursztein and Fabian Kaczmarczyck

The Hacker News

Enhancing TLS Security: Google Adds Quantum-Resistant Encryption in Chrome 116

By: THN — August 11^th 2023 at 12:22

Google has announced plans to add support for quantum-resistant encryption algorithms in its Chrome browser, starting with version 116. "Chrome will begin supporting X25519Kyber768 for establishing symmetric secrets in TLS, starting in Chrome 116, and available behind a flag in Chrome 115," Devon O'Brien said in a post published Thursday. Kyber was chosen by the U.S. Department of Commerce's

The Hacker News

Experts Discover Flaw in U.S. Govt's Chosen Quantum-Resistant Encryption Algorithm

By: Ravie Lakshmanan — March 6^th 2023 at 08:30

A group of researchers has revealed what it says is a vulnerability in a specific implementation of CRYSTALS-Kyber, one of the encryption algorithms chosen by the U.S. government as quantum-resistant last year. The exploit relates to "side-channel attacks on up to the fifth-order masked implementations of CRYSTALS-Kyber in ARM Cortex-M4 CPU," Elena Dubrova, Kalle Ngo, and Joel Gärtner of KTH

Naked Security

US passes the Quantum Computing Cybersecurity Preparedness Act – and why not?

By: Paul Ducklin — December 29^th 2022 at 13:45

Cryptographic agility: the ability and the willingness to change quickly when needed.

sc-daa-1200

The Hacker News

Cyber Criminals Using Quantum Builder Sold on Dark Web to Deliver Agent Tesla Malware

By: Ravie Lakshmanan — September 28^th 2022 at 12:36

A recently discovered malware builder called Quantum Builder is being used to deliver the Agent Tesla remote access trojan (RAT). "This campaign features enhancements and a shift toward LNK (Windows shortcut) files when compared to similar attacks in the past," Zscaler ThreatLabz researchers Niraj Shivtarkar and Avinash Kumar said in a Tuesday write-up.  Sold on the dark web for

The Hacker News

Emotet Botnet Started Distributing Quantum and BlackCat Ransomware

By: Ravie Lakshmanan — September 19^th 2022 at 12:42

The Emotet malware is now being leveraged by ransomware-as-a-service (RaaS) groups, including Quantum and BlackCat, after Conti's official retirement from the threat landscape this year. Emotet started off as a banking trojan in 2014, but updates added to it over time have transformed the malware into a highly potent threat that's capable of downloading other payloads onto the victim's machine,

Naked Security

S3 Ep95: Slack leak, Github onslaught, and post-quantum crypto [Audio + Text]

By: Paul Ducklin — August 11^th 2022 at 14:34

Latest episode - listen now! (Or read the transcript if you prefer.)

Naked Security

Post-quantum cryptography – new algorithm “gone in 60 minutes”

By: Paul Ducklin — August 3^rd 2022 at 16:55

And THIS is why you don't knit your own home-made encryption algorithms and hope no one looks at them.

The Hacker News

Single-Core CPU Cracked Post-Quantum Encryption Candidate Algorithm in Just an Hour

By: Ravie Lakshmanan — August 3^rd 2022 at 16:09

A late-stage candidate encryption algorithm that was meant to withstand decryption by powerful quantum computers in the future has been trivially cracked by using a computer running Intel Xeon CPU in an hour's time. The algorithm in question is SIKE — short for Supersingular Isogeny Key Encapsulation — which made it to the fourth round of the Post-Quantum Cryptography (PQC) standardization

Naked Security