Cryptography Problems

Carelessness versus craftsmanship in cryptography

Two popular AES libraries, aes-js and pyaes, “helpfully” provide a default IV in their AES-CTR API, leading to a large number of key/IV reuse bugs. These bugs potentially affect thousands of ...

12d

The coming cryptographic debt crisis

That mismatch is creating a risk most organizations are not tracking: cryptographic debt—the accumulated risk and cost that ...

Security Boulevard

Post-Quantum Cryptography for DKIM, PGP, and S/MIME: Quantum Threat to Email Security

Quantum computers won’t break the internet tomorrow… but they will break your email security sooner than you think. Today, cybercriminals and state-sponsored groups are quietly collecting encrypted ...

Communications of the ACM

Why Cryptographic Migration Timelines Are the Real Security Risk

When that break occurs, the mathematics behind the code moves instantly. Organizations, however, do not move so fast.

Some results have been hidden because they may be inaccessible to you

Show inaccessible results