Summary: Europe's security agency has warned that cryptographic protocols in vogue at the moment may not be as secure as thought.
By Liam Tung | November 24, 2014
The cryptographic protocols used to secure data moving across the web are putting users at risk due to design flaws that date back many years.
Given the current push to encrypt everything in response to revelations of government surveillance, it's important that the protocols being used to do the job are actually secure. The problem is that these protocols often aren't up to the task, a problem that researchers at the European Union Agency for Network and Information Security (ENISA) are aiming to remedy.
In a new report outlining how governments and corporations can avoid the mistakes found in today's buggy protocols, ENISA says: "The key problem with protocols today is that many result from cryptographic design many years (even decades) ago. Thus cryptographic protocols suffer more from legacy issues than the underlying cryptographic components."
"The goal should be to work towards a better cryptographic protocol infrastructure which does not exhibit such problems," the report said.
Full Article
How to weed out the next Heartbleed bug: ENISA details crypto worries
Userlevel 7
+54
Userlevel 7
+54
By Eduard Kovacs on November 25, 2014 ENISA Details Use of Cryptography For Securing Personal Data
The European Union Agency for Network and Information Security (ENISA) has released two reports that aim to inform and guide decision makers in the public and private sector on the use and implementation of cryptographic protocols for securing personal data.
As a result of the numerous data breaches that took place in the past period and the recent government spying revelations, the European Union is increasingly focusing on personal data protection.
Last year, ENISA, which is referenced as a consultative body in the European Commission's data breach notification rules, released a cryptographic guidelines report on securing personal data online. The new reports made available last week, "Algorithms, key size and parameters" and "Study on cryptographic protocols" build upon the 2013 study.
Full Article
The European Union Agency for Network and Information Security (ENISA) has released two reports that aim to inform and guide decision makers in the public and private sector on the use and implementation of cryptographic protocols for securing personal data.
As a result of the numerous data breaches that took place in the past period and the recent government spying revelations, the European Union is increasingly focusing on personal data protection.
Last year, ENISA, which is referenced as a consultative body in the European Commission's data breach notification rules, released a cryptographic guidelines report on securing personal data online. The new reports made available last week, "Algorithms, key size and parameters" and "Study on cryptographic protocols" build upon the 2013 study.
Full Article
Reply
Login to the community
No account yet? Create an account
Enter your username or e-mail address. We'll send you an e-mail with instructions to reset your password.