Only the owner of a cryptographic key can decrypt any message encrypted against it. Therefore, if you want to send a message securely to another person, you have to know and use his key to encrypt the message. You have to be certain that it belongs to that person, and not to somebody else that tries to eavesdrop on your communication. This is why many secure communication apps allow you to verify keys using a short fingerprint that is uniquely tied to the key and that can be verified ‘out of band’. This means you have to ask for someone’s fingerprint (over the phone, or by looking at his business card) and compare it to the fingerprint your app shows for that person’s key. Apple’s iMessage is a notable exception, though. And frequently criticised for it.
Read the rest of this entry »
The 2014 edition of the Real World Cryptography workshop was held last week in New York, hosted by the City College of New York. Here are some personal highlights of day #1 (I have not included a summary of all talks, and do not pay an equal amount of attention to all talks). I have also made summaries for day #1 and day #2.
Read the rest of this entry »
The 2014 edition of the Real World Cryptography workshop was held last week in New York, hosted by the City College of New York. Here are some personal highlights of day #2 (I have not included a summary of all talks, and do not pay an equal amount of attention to all talks). Day #1 (which was much more interesting in my opinion) can be found here. Day #3 is here.
Read the rest of this entry »
The 2014 edition of the Real World Cryptography workshop was held last week in New York, hosted by the City College of New York. Here are some personal highlights of day #1 (I have not included a summary of all talks, and do not pay an equal amount of attention to all talks). I also made a summary of day 2 and day 3.
Read the rest of this entry »
Als reactie op de onthulling dat de NSA op allerlei manieren achter de inhoud van versleutelde berichten probeert te komen, geeft Bruce Schneier een aantal tips om veilig te blijven (zie vooral ook de discussie op zijn blog. Zijn advies om symmetrische cryptografie te gebruiken verbaasde mij echter.
This is a brief summary day #2 of the ECRYPT II workshop Crypto for 2020 held on Tenerife on January 23 and 24, 2013. The summary of day #1 can be found here.
Read the rest of this entry »
This is a (not so) brief summary of day #1 of the ECRYPT II workshop Crypto for 2020 held on Tenerife on January 23 and 24, 2013. The summary of day #2 can be found here.
Read the rest of this entry »