Lifeboat Foundation

Homomorphic encryption is considered a next generation data security technology, but researchers have identified a vulnerability that allows them to steal data even as it is being encrypted.

“We weren’t able to crack homomorphic encryption using mathematical tools,” says Aydin Aysu, senior author of a paper on the work and an assistant professor of computer engineering at North Carolina State University. “Instead, we used side-channel attacks. Basically, by monitoring power consumption in a device that is encoding data for homomorphic encryption, we are able to read the data as it is being encrypted. This demonstrates that even next generation encryption technologies need protection against side-channel attacks.”

Homomorphic encryption is a way of encrypting data so that third parties cannot read it. However, homomorphic encryption still allows third parties and third-party technologies to conduct operations using the data. For example, a user could use homomorphic encryption to upload sensitive data to a cloud computing system in order to perform analyses of the data. Programs in the cloud could perform the analyses and send the resulting information back to the user, but those programs would never actually be able to read the sensitive data.

These Arduino-compatible handheld kits transmit chat messages and GIFs over long ranges, encrypted for privacy.

The material could replace rare metals and lead to more economical production of carbon-neutral fuels.

Protocol could break quantum-encryption systems.

Software that orchestrates secure and compliant data collaborations.

Quantum computers could cause unprecedented disruption in both good and bad ways, from cracking the encryption that secures our data to solving some of chemistry’s most intractable puzzles. New research has given us more clarity about when that might happen.

Modern encryption schemes rely on fiendishly difficult math problems that would take even the largest supercomputers centuries to crack. But the unique capabilities of a quantum computer mean that at sufficient size and power these problems become simple, rendering today’s encryption useless.

That’s a big problem for cybersecurity, and it also poses a major challenge for cryptocurrencies, which use cryptographic keys to secure transactions. If someone could crack the underlying encryption scheme used by Bitcoin, for instance, they would be able to falsify these keys and alter transactions to steal coins or carry out other fraudulent activity.

The encrypted chats detect when you take a screenshot.

After several years of development, Facebook’s Messenger platform will let you switch to end-to-end encrypted chats and calls with anyone. It also now supports features like Reactions and replies inside encrypted chats.

Though Meta didn’t give numbers on RSC’s current top speed, in terms of raw processing power it appears comparable to the Perlmutter supercomputer, ranked fifth fastest in the world. At the moment, RSC runs on 6,800 NVIDIA A100 graphics processing units (GPUs), a specialized chip once limited to gaming but now used more widely, especially in AI. Already, the machine is processing computer vision workflows 20 times faster and large language models (like, GPT-3) 3 times faster. The more quickly a company can train models, the more it can complete and further improve in any given year.

In addition to pure speed, RSC will give Meta the ability to train algorithms on its massive hoard of user data. In a blog post, the company said that they previously trained AI on public, open-source datasets, but RSC will use real-world, user-generated data from Meta’s production servers. This detail may make more than a few people blanch, given the numerous privacy and security controversies Meta has faced in recent years. In the post, the company took pains to note the data will be carefully anonymized and encrypted end-to-end. And, they said, RSC won’t have any direct connection to the larger internet.

To accommodate Meta’s enormous training data sets and further increase training speed, the installation will grow to include 16,000 GPUs and an exabyte of storage—equivalent to 36,000 years of high-quality video—later this year. Once complete, Meta says RSC will serve training data at 16 terabytes per second and operate at a top speed of 5 exaflops.

By using quantum key distribution (QKD), quantum cryptographers can share information via theoretic secure keys between remote peers through physics-based protocols. The laws of quantum physics dictate that photons carrying signals cannot be amplified or relayed through classical optical methods to maintain quantum security. The resulting transmission loss of the channel can limit its achievable distance to form a huge barrier to build large-scale quantum secure networks. In a new report now published in Nature Photonics, Shuang Wang and a research team in quantum information, cryptology and quantum physics in China developed an experimental QKD system to tolerate a channel loss beyond 140 dB across a secure distance of 833.8 km to set a new record for fiber-based quantum key distribution. Using the optimized four-phase twin-field protocol and high quality setup, they achieved secure key rates that were more than two orders of magnitude greater than previous records across similar distances. The results form a breakthrough to build reliable and terrestrial quantum networks across a scale of 1,000 km.

Quantum cryptography and twin-field quantum key distribution (QKD)

Quantum key distribution is based on fundamental laws of physics to distribute secret bits for information-theoretic secure communication, regardless of the unlimited computational power of a potential eavesdropper. The process has attracted widespread attention in the past three decades relative to the development of a global quantum internet, and matured to real-world deployment through optical-fiber networks. Despite this, wider applications of QKD are limited due to channel loss, limiting increase in the key rate and range of QKD. For example, photons are carriers of quantum keys in a QKD setup, and they can be prepared at the single-photon level to be scattered and absorbed by the transmission channel. The photons, however, cannot be amplified, and therefore the receiver can only detect them with very low probability. When transmitted via a direct fiber-based link from the transmitter to the receiver, the key rate can therefore decrease with transmission distance.

Athletes headed to the Beijing Olympic Winter Games are making final travel preparations, including keeping in line with China’s health measures on the “My 2022″ smartphone app. However, inadequate encryption measures within the app can leave Olympians, journalists and sports officials vulnerable to hackers, privacy breaches, and surveillance, according to a cybersecurity report by the Citizen Lab obtained exclusively by DW. Additionally, the IT forensic specialists found that the app includes a censorship keyword list. The findings come as international concern over digital safety at the Games mounts. Germany, Australia, UK and US have urged their athletes and National Olympic Committees to leave their personal phones and laptops behind and to travel with special devices over fears of digital espionage. The Dutch Olympic Committee outright banned its athletes from bringing personal phones and laptops due to surveillance concerns.

In the Olympic Playbook for athletes and team officials, the International Olympic Committee states that the “My 2022″ app is “in accordance with international standards and Chinese law.” But based on its findings, Citizen Lab concludes that the insecure transmission of personal information “may constitute a direct violation of China’s privacy laws.” This is because China’s data protection laws require that a person’s health and medical records held digitally be transmitted and stored in an encrypted manner. Citizen Lab’s findings also raise questions concerning two Western tech giants that carry the “My 2022″ app: Apple and Google. “Both Apple’s and Google’s policies forbid apps to transmit sensitive data without proper encryption, so Apple and Google will need to determine whether the app’s unresolved vulnerabilities warrant delisting,” Citizen Lab’s Knockel told DW. The Beijing Organizing Committee has stood by its app, however, saying it “passed the examination” of international mobile application markets such as Google, Apple and Samsung.“We have taken measures such as personal information encryption in the app to ensure privacy security,” the committee said Monday to Xinhua News Agency.

Continue reading “Hacking backdoor? Security flaws in China’s mandatory Olympics app | DW News” »