This article is a step-by-step guide to using two passwords with EncFS. The primary password is required and may be used to secure all data; the secondary password is optional and may be stored on USB stick or other removable media and used to secure more sensitive data. EncFS can also be combined with block device encryption for maximum security
The Camellia Block Cipher is a new encryption algorithm which was developed by NTT and has been specified in several Internet RFCs as well as being one of the approved encryption methods to be used by the European Union.
Developers on the FreeBSD project worked with researchers from NTT to integrate their code, under a BSD license, into the CURRENT branch of FreeBSD, which will become the 7.0 release in the near future.
Gmail may be an excellent Web-based email application, but there is no easy way to use it with privacy tools like GnuPG. The FireGPG extension for Firefox is designed to solve this problem. It integrates nicely into Gmail's interface and allows you to sign and encrypt not only email messages but also text snippets from any Web page.
PGP has two uses. First, it is an encryption system that uses public-key cryptography. Each user has a public key and a private key. In simple terms, you can encrypt a message using someone's public key and they can decrypt it using their private key. (A one-off session key is actually involved.) If the private key has been kept truly private, no one else can read the message.
Source: DiderStevens - Posted by Benjamin D. Thomas
Steganography is the art of hiding messages so that uninitiated wouldn't suspect the presence of a message. A rainbow table is a huge binary file used for password cracking. This is the first in a series of posts on research I've done on how to hide data in rainbow tables, and how to detect its presence.
There are several steganography algorithms to hide data in pictures. They often involve changing the least-significant-bits of the numbers representing the color or another visual property of a pixel. This minute difference cannot be perceived by the naked eye, but it this there. The size of the data you can hide in a picture is limited by the size of the picture and by the numbers of bits involved in the steganography algorithm. It’s impossible to hide large files, like audio or video files, in a picture, unless you split the files and use a lot of pictures. To hide a large amount of data in a single file, you need a large file.
A team of researchers has, for the first time, hacked into a network protected by quantum encryption.
Quantum cryptography uses the laws of quantum mechanics to encode data securely. Most researchers consider such quantum networks to be nearly 100% uncrackable. But a group from the Massachusetts Institute of Technology (MIT) in Cambridge was able to 'listen in' using a sort of quantum-mechanical wiretap. The trick allowed them to tease out about half of the data, in a way that couldn't be detected by those transmitting or receiving the message.
The Defense Department has launched a new program to encourage the use of open- source encryption software within DOD systems.
The Open Source Software Institute of Hattiesburg, Miss., will support the OpenCrypto Management Program, which is part of DOD’s Open Technology Development road map initiative. The goal of that program is to provide DOD with greater system development and acquisition flexibility through collaborative software development.
Encryption has traditionally been difficult and expensive to use. This reputation was often well deserved. The 1999 study by Alma Whitten and. J. D. Tygar at Carnegie-Mellon University, “Why Johnny Can’t Encrypt,” found that 75 percent of study participants could not send encrypted e-mail within 90 minutes. That is not a technology that you would want to support unless there was absolutely no alternative.
Proofpoint said it is adding policy-based encryption to its email content filtering appliance.
The upgraded Proofpoint Secure Messaging software, slated for availability in June, adds Voltage's identity-based encryption (IBE) technology to the existing content-filtering capabilities, according to company officials. With this addition, Proofpoint's appliances will automatically encrypt email based on policies set by administrators as the messages leave the corporate network.
To maximize the effectiveness of encryption in providing effective security assurance solutions, organizations must deploy it as part of a defense-in-depth security stance. Like any technology, encryption is plagued with pitfalls, mistakes, and traps that could easily provide an organization with a false sense of confidence in its security, while still allowing attackers to easily compromise the organization’s data. The common pitfalls, mistakes, and traps that an organization implementing encryption must avoid are:
