This Week's [in]Security - Issue 172 | insecurity | Control Gap
Welcome to This Week’s [in]Security. Twitter Hack/Breach. Facebook Ad boycott. Covid-19: Spread, Curves, Spikes & Waves. Lockdown, Reopening, & The...
Welcome to This Week’s [in]Security. Twitter Hack/Breach. Facebook Ad boycott. Covid-19: Spread, Curves, Spikes & Waves. Lockdown, Reopening, & The...
NIST recently published a document "Transitioning the Use of Cryptographic Algorithms and Key Lengths" which formalizes the sunset of Triple DES by...
Last month NIST announced they were seeking feedback on a proposed updated guidance for FPE. More formally this is SP 800-38G rev 1 "Recommendation...
Now is the time to stop using 64-bit block length ciphers such as 3DES (TDEA) and Blowfish in general purpose applications of cryptography. In 2016,...
Barely a year after NIST approved Format-Preserving Encryption (FPE) based on AES they've issued a news release that one of the approved modes has...
History The SHA-1 cryptographic hash function was introduced in 1995. Weaknesses began to be discovered in 2005, and in 2011 NIST deprecated SHA-1. The...
The Internet and mainstream media has been ablaze with articles and opinion pieces about the dispute between the FBI and Apple over an iPhone used...
If you’ve been struggling with keeping up with various SSL vulnerabilities and planning an orderly cutover to TLS then the recent announcement by...
Previously we looked at Format Preserving Encryption (FPE) its characteristics and suitability for application in solutions intended for PCI DSS. To...