Researchers at the National Institute of Standards and Technology (NIST) have developed a method for generating numbers guaranteed to be random by quantum mechanics. Generating truly random numbers is one of the major challenges for quantum-based encryption and could mark a major leap in cybersecurity.
The Internet of Things (IoT) has security issues. The fundamental weakness is that it adds to the number of devices behind a network firewall that can be compromised. Not only do we need to safeguard our computers and smartphones, now we must worry about protecting our homes, vehicles, appliances, wearables and other IoT devices.
Every day, more and more government organizations are moving IT functions and data storage to the cloud. Early last month, the U.S. Department of Defense signed a multimillion-dollar contract to encourage organizations under its umbrella to move to the cloud. While the needs of public-sector entities differ from those of the private sector, there are some hard-won data security lessons corporations have learned—such as encryption key management and the use of cryptographic gateways—that can be useful for government organizations as they plan and execute a migration to the cloud.
Where some see challenges, others see opportunities. It sounds like a motivational poster, but that is exactly how researchers at the National Security Agency view the Internet of Things, or the IoT.
“We approach IoT a little differently than everybody else. Everybody’s talking about all the security problems. That’s certainly fair, but we look at IoT as an opportunity in terms of the security goals we can accomplish,” says George Coker, chief, Information Assurance Research Group, National Security Agency (NSA).
The next-generation airborne missile control system being developed by the U.S. Air Force will take advantage of modern communications and electronics systems such as software-defined radios to provide a number of capabilities, including improved cybersecurity.
The Department of Homeland Security (DHS) Science and Technology Directorate (S&T) has awarded Salt Lake City-based startup Evernym a $749,000 Small Business Innovation Program (SBIR) award to develop an easy-to-use, decentralized mechanism for managing public and private encryption keys needed for the secure and scalable deployment of blockchain technologies.
The National Institute of Standards and Technology's (NIST) benchmark for encryption modules has seen recent innovation, opening the playing field for competition.
For years, NIST’s Federal Information Processing Standards (FIPS) 140-2 validation list read like a Who’s Who of Fortune 100 technology vendors. Only those products that leverage cryptographic modules shown on the list were eligible for federal agency deployment. Until recent changes, only the deepest pockets could absorb the costs of development, testing and expensive consultants to facilitate introducing solutions into the federal marketplace.
The U.S. government is racing to identify technologies that will resist the threat from quantum computers, which will render today’s encryption obsolete.
They do not necessarily match the hero stereotype, but computer scientists improving methods of generating random numbers just may save the day when it comes to cybersecurity.
Scientists at the University of Texas at Austin have delivered a mathematical revelation that could bring a number of benefits, but improved encryption tops the list. Cybersecurity, of course, depends on encryption, which relies on random data. Although the world is full of randomness—a roll of the dice, a flip of a coin, a lottery drawing—randomness is not always equal. When studied over time, air temperatures and stock market results, for example, actually produce predictable patterns.
State-of-the-art encryption continues to defy all but the most elite codebreakers, but even exponential improvements may never catch up with rapid advances in computing. In some cases, the very technologies that enable innovative encryption solutions also could provide the key to breaking the most complex codes applied to datasets.
The increase in cyberthreats from both internal and external sources has put the onus on government agencies, particularly at the federal level, to implement strong cybersecurity architectures. While encryption is an essential component, without careful implementation, criminals easily can exploit its weaknesses, and the emerging power of quantum computing could compound the problem.
Behind the Science is an occasional series of blogs focusing on the people advancing science and technology.
George and Marlene Bachand, a married couple working at Sandia National Laboratories, have partnered on more science projects than they can recall.
Scientists at Sandia National Laboratories are searching for partners to apply technology for encrypting text within synthetic DNA. The encryption is far stronger than conventional technology and practically impossible to break, researchers say.
In September, the Sandia team wrapped up a three-year effort titled Synthetic DNA for Highly Secure Information Storage and Transmission. The project developed a new way of storing and encrypting information using DNA. The work was funded through Sandia’s internal Laboratory Directed Research and Development program.
The ability of warfighters to be mobile and nimble is not a luxury during combat operations. It is an absolute necessity. Staying ahead of the enemy or avoiding attack often means an entire command post must move, and quickly—a mammoth challenge if the command post relies on a wired communications network with cumbersome and costly cables and equipment.
Encryption software that performs many of the functions supporting military command and control networks now is easily available to the public. Not only does it match what U.S. forces use, but also it includes end-to-end encryption and can be downloaded by anyone with Internet access. At the end of 2015, estimates show that was 3.2 billion people globally.
This development brings a number of consequences. Among them, privately operated encrypted messaging has become a known unknown. Mission planners now must consider both the increased capability of widely dispersed organizations to operate anywhere under cover and the increased difficulty of penetrating these groups.
Last year proved lucrative for cyber criminals, and 2016 is shaping up to be even better, with a seemingly unsuspecting victim in the hacking crosshairs: driverless cars, according to Dell Security. In 2015, hackers carried out a massive number of breaches against organizations and government agencies in spite of the millions of dollars spent not only to safeguard networks, but also to hire security experts and train employees on proper cyber hygiene, according to the company’s annual cybersecurity report released Monday.
You’re trying to break the German Enigma machine. … It’s the greatest encryption device in history, and the Germans use it for all major communications. If the Allies broke Enigma—well, this would turn into a very short war indeed. … One hundred and fifty nine million million million possible Enigma settings. All we had to do was try each one. —Alan Turing in The Imitation Game (Weinstein Company, 2014)
Quantum encryption technology created in a national laboratory will be available this summer to government and commercial clients. The system provides faster and more cost-effective cryptographic services with long-term system security. Future iterations may be available for laptops and handheld devices, dramatically improving on-the-job communications security for first responders and other professionals who rely on communications on the go.
Physical Optics Corporation, Torrance, California, is being awarded $10,449,470 for cost-plus-fixed-fee delivery order 0006 against a previously issued Basic Ordering Agreement (N68335-12-G-0045) for a Phase III Small Business Innovation Research effort for the design, testing and delivery of data transfer units and ground encryption devices in support of the F/A-18 E/F and EA-18G. This effort includes 14 non flight-worthy (NFW) data transfer units, seven flight-worthy (FW) DTUs, 21 mission NFW removable memory devices, 25 NFW maintenance RMDs, 17 FW mission RMDs, 15 FW maintenance RMDs, nine ground encryption devices and the required cabling and software.
Encrypt tweets and send them to select groups or individuals with the scrambls app for the iPhone or iPad. The app gives you total control over your online privacy on Twitter. Simply tap tweets to instantly encrypt the text before it is sent to the cloud. Only select individuals defined at scrambls.com can read the posts. Your selected contacts need the app or the browser plug-in, and they will see the scrambled posts as clear text. Just change the group or individuals permitted to read a post based on the level of privacy you want to achieve.