Design-Reuse

How to Separate your Cryptographic Keys

When designing cryptographic protocols and systems, many guiding principles ought to be respected. Often, these guiding principles are lessons learned from years of attacks and vulnerabilities against ...
EurekAlert!

New NIST document offers guidance in cryptographic key generation

NIST Special Publication (SP) 800-133 offers guidance on generating the cryptographic keys that are needed to employ algorithms that provide confidentiality and integrity protection for data. Even if ...
Dark Reading

'Hertzbleed' Side-Channel Attack Threatens Cryptographic Keys for Servers

A side-channel timing attack dubbed "Hertzbleed" by researchers could allow remote attackers to sniff out cryptographic keys for servers. It affects most Intel processors, as well as some chipsets ...
Wired

The Comedy of Errors That Let China-Backed Hackers Steal Microsoft’s Signing Key

Microsoft said in June that a China-backed hacking group had stolen a cryptographic key from the company's systems. This key allowed the attackers to access cloud-based Outlook email systems for 25 ...
Security Boulevard

Quantum-resistant key management for AI model deployments.

Discover how quantum-resistant key management secures AI model deployments, protecting against quantum computing threats with advanced encryption and zero-trust strategies.
CSOonline

Secure Boot no more? Leaked key, faulty practices put 900 PC/server models in jeopardy

PKfail: An AMI Platform Key discovered on GitHub led researchers to uncover test keys in firmware images from major PC and server vendors, something hackers could exploit if leaked to gain kernel ...