Hacking police radios: 30-year-old crypto flaws in the spotlight
“Three may keep a secret, if two of them are dead.”
Cryptography
Microsoft hit by Storm season – a tale of two semi-zero days
The first compromise didn’t get the crooks as far as they wanted, so they found a second one that did…
Researchers Use Power LED to Extract Encryption Keys in Groundbreaking Attack
By Deeba Ahmed
This attack method can help attackers surpass all barriers to exploit side channels, which so far were not possible.
This is a post from HackRead.com Read the original post: Researchers Use Power LED to Extract Encryption Keys in Groundb…
Power LED Side-Channel Attack
This is a clever new side-channel attack:
The first attack uses an Internet-connected surveillance camera to take a high-speed video of the power LED on a smart card reader—or of an attached peripheral device—during cryptographic operations. This technique allowed the researchers to pull a 256-bit ECDSA key off the same government-approved smart card used in Minerva. The other allowed the researchers to recover the private SIKE key of a Samsung Galaxy S8 phone by training the camera of an iPhone 13 on the power LED of a USB speaker connected to the handset, in a similar way to how Hertzbleed pulled SIKE keys off Intel and AMD CPUs…
Hackers Can Uncover Cryptographic Keys by Recording Footage of Power LEDs
A shocking discovery has been made by researchers, unveiling an innovative method for extracting covert encryption keys from smart cards and smartphones. Utilizing the integrated cameras of iPhones or surveillance systems, they record videos of power L…
AI-Generated Steganography
New research suggests that AIs can produce perfectly secure steganographic images:
Abstract: Steganography is the practice of encoding secret information into innocuous content in such a manner that an adversarial third party would not realize that there is hidden meaning. While this problem has classically been studied in security literature, recent advances in generative models have led to a shared interest among security and machine learning researchers in developing scalable steganography techniques. In this work, we show that a steganography procedure is perfectly secure under Cachin (1998)’s information theoretic-model of steganography if and only if it is induced by a coupling. Furthermore, we show that, among perfectly secure procedures, a procedure is maximally efficient if and only if it is induced by a minimum entropy coupling. These insights yield what are, to the best of our knowledge, the first steganography algorithms to achieve perfect security guarantees with non-trivial efficiency; additionally, these algorithms are highly scalable. To provide empirical validation, we compare a minimum entropy coupling-based approach to three modern baselines—arithmetic coding, Meteor, and adaptive dynamic grouping—using GPT-2, WaveRNN, and Image Transformer as communication channels. We find that the minimum entropy coupling-based approach achieves superior encoding efficiency, despite its stronger security constraints. In aggregate, these results suggest that it may be natural to view information-theoretic steganography through the lens of minimum entropy coupling…
S3 Ep137: 16th century crypto skullduggery
Lots to learn, clearly explained in plain English… listen now! (Full transcript inside.)
Real World Crypto 2023 Recap
Last month, hundreds of cryptographers descended upon Tokyo for the first Real World Crypto Conference in Asia. As in previous years, we dispatched a handful of our researchers and engineers to present and attend the conference. What sets RWC apart from other conferences is that it strongly emphasizes research, collaborations, and advancements in cryptography that […]
S3 Ep125: When security hardware has security holes [Audio + Text]
Lastest episode – listen now! (Full transcript inside.)
Serious Security: TPM 2.0 vulns – is your super-secure data at risk?
Security bugs in the very code you’ve been told you must have to improve the security of your computer…