137 matches found

Schneier on Security
added 2022/08/08 11:20 a.m. (24 views)

NIST’s Post-Quantum Cryptography Standards

Quantum computing is a completely new paradigm for computers. A quantum computer uses quantum properties such as superposition, which allows a qubit (a quantum bit) to be neither 0 nor 1, but something much more complicated. In theory, such a computer can solve problems too complex for conventional...

AI score 7.2
Exploits 0
OSV
added 2022/06/17 12:38 a.m. (17 views)

GHSA-75RW-34Q6-72CR Signature forgery in Biscuit

Impact The paper Cryptanalysis of Aggregate Γ-Signature and Practical Countermeasures in Application to Bitcoin defines a way to forge valid Γ-signatures, an algorithm that is used in the Biscuit specification version 1. It would allow an attacker to create a token with any access level. As Biscu...

CVSS 9.8, AI score 9.4, EPSS 0.00289
Exploits 1, References 6
Github Security Blog
added 2022/06/17 12:38 a.m. (25 views)

Signature forgery in Biscuit

Impact The paper Cryptanalysis of Aggregate Γ-Signature and Practical Countermeasures in Application to Bitcoin defines a way to forge valid Γ-signatures, an algorithm that is used in the Biscuit specification version 1. It would allow an attacker to create a token with any access level. As Biscu...

CVSS 9.8, AI score 8.9, EPSS 0.00289
Exploits 1, References 5, Affected Software 3
Schneier on Security
added 2022/06/13 11:48 a.m. (19 views)

Cryptanalysis of ENCSecurity’s Encryption Implementation

ENCSecurity markets a file encryption system, and it's used by SanDisk, Sony, Lexar, and probably others. Despite it using AES as its algorithm, its implementation is flawed in multiple ways, and breakable. The moral is, as it always is, that implementing cryptography securely is hard. Don't roll...

AI score 1.9
Exploits 0
CVE
added 2022/05/03 3:16 a.m. (118 views)

CVE-2022-20742

Cisco ASA Software and Firepower Threat Defense (FTD) Software contain an IPsec IKEv2 VPN information disclosure vulnerability (CVE-2022-20742) due to improper GCM cipher implementation. An unauthenticated, remote attacker in a man-in-the-middle position can intercept encrypted messages across an...

CVSS 7.4, AI score 7.2, EPSS 0.00132
Exploits 0, References 1, Affected Software 2
Schneier on Security
added 2022/02/10 12:13 p.m. (18 views)

Bunnie Huang’s Plausibly Deniable Database

Bunnie Huang has created a Plausibly Deniable Database. Most security schemes facilitate the coercive processes of an attacker because they disclose metadata about the secret data, such as the name and size of encrypted files. This allows specific and enforceable demands to be made: “Give us the...

AI score 1
Exploits 0
Huntr
added 2021/10/05 2:26 p.m. (13 views)

Use of a Broken or Risky Cryptographic Algorithm in anonaddy/anonaddy

Description MD5 and SHA-1 are popular cryptographic hash algorithms often used to verify the integrity of messages and other data. Recent advances in cryptanalysis have discovered weaknesses in both algorithms. Consequently, MD5 and SHA-1 should no longer be relied upon to verify the authenticity...

AI score 0.2
Exploits 0, References 2
Rosalinux
added 2021/07/02 4:39 p.m. (25 views)

Advisory ROSA-SA-2021-1826

Software: ed 1.9; OS: Cobalt 7.9; CVE-ID: CVE-2015-2987; CVE-Crit: MEDIUM; CVE-DESC: Type74 ED before 4.0 incorrectly uses 128-bit ECB encryption for small files, making it easier for attackers to obtain plaintext data by differential cryptanalysis of a file with an original length of less than 128...

CVSS 7.5, AI score 7, EPSS 0.01019
Exploits 0
Schneier on Security
added 2021/06/17 6:51 p.m. (44 views)

Intentional Flaw in GPRS Encryption Algorithm GEA-1

General Packet Radio Service (GPRS) is a mobile data standard that was widely used in the early 2000s. The first encryption algorithm for that standard was GEA-1, a stream cipher built on three linear-feedback shift registers and a non-linear combining function. Although the algorithm has a 64-bit...

AI score 1
Exploits 0
NVD
added 2020/10/21 7:15 p.m. (19 views)

CVE-2020-3585

A vulnerability in the TLS handler of Cisco Adaptive Security Appliance (ASA) Software and Cisco Firepower Threat Defense (FTD) Software for Cisco Firepower 1000 Series firewalls could allow an unauthenticated, remote attacker to gain access to sensitive information. The vulnerability is due to...

CVSS 5.3, EPSS 0.00365
Exploits 0, References 1
Microsoft CVE
added 2020/08/18 7:00 a.m. (4 views)

Type74 ED before 4.0 misuses 128-bit ECB encryption for small files which makes it easier for attackers to obtain plaintext data via differential cryptanalysis of a file with an original length smaller than 128 bits.

...

CVSS 2.6, AI score 7.5, EPSS 0.00231
Exploits 0
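The two Type74 ED entries above (ROSA-SA-2021-1826 and this CVE-2015-2987 record) describe the same underlying weakness: a file encrypted one 128-bit block at a time with no IV, so identical plaintext blocks, and identical short files, produce identical ciphertext under the same key. The following added example is not code from either advisory or from Type74 ED. It makes the leak concrete and contrasts it with counter mode built from the same block cipher. The block cipher is a toy 128-bit Feistel permutation built from SHA-256, an assumption standing in for AES (ECB leaks the same way under any deterministic block cipher); the sample "file" contents are constructed.

```python
"""Added example (not from the advisory or the affected product): ECB leaks
equality of plaintext blocks, CTR with a fresh nonce does not."""
import hashlib
import os

BLOCK = 16        # 128-bit block, as in the advisory
HALF = BLOCK // 2
ROUNDS = 8


def _f(key: bytes, rnd: int, half: bytes) -> bytes:
    """Feistel round function: keyed SHA-256 truncated to one half-block."""
    return hashlib.sha256(key + bytes([rnd]) + half).digest()[:HALF]


def block_encrypt(key: bytes, block: bytes) -> bytes:
    """Toy keyed permutation on one 16-byte block.
    Assumption: stands in for AES; only determinism matters for the ECB leak."""
    assert len(block) == BLOCK
    left, right = block[:HALF], block[HALF:]
    for rnd in range(ROUNDS):
        left, right = right, bytes(a ^ b for a, b in zip(left, _f(key, rnd, right)))
    return left + right


def block_decrypt(key: bytes, block: bytes) -> bytes:
    """Inverse of block_encrypt: run the Feistel rounds backwards."""
    assert len(block) == BLOCK
    left, right = block[:HALF], block[HALF:]
    for rnd in reversed(range(ROUNDS)):
        left, right = bytes(a ^ b for a, b in zip(right, _f(key, rnd, left))), left
    return left + right


def pkcs7_pad(data: bytes) -> bytes:
    """Pad to whole blocks; a file shorter than one block becomes exactly one block."""
    n = BLOCK - len(data) % BLOCK
    return data + bytes([n]) * n


def ecb_encrypt(key: bytes, data: bytes) -> bytes:
    """ECB: every block encrypted independently with no IV, so equal plaintext
    blocks (and equal short files) map to equal ciphertext under one key."""
    padded = pkcs7_pad(data)
    return b"".join(block_encrypt(key, padded[i:i + BLOCK])
                    for i in range(0, len(padded), BLOCK))


def ctr_crypt(key: bytes, nonce: bytes, data: bytes) -> bytes:
    """CTR: XOR data with keystream E_key(nonce || counter). The same call
    decrypts. The 8-byte nonce must never repeat under one key."""
    assert len(nonce) == HALF
    out = bytearray()
    for i in range(0, len(data), BLOCK):
        keystream = block_encrypt(key, nonce + (i // BLOCK).to_bytes(HALF, "big"))
        out.extend(a ^ b for a, b in zip(data[i:i + BLOCK], keystream))
    return bytes(out)


def repeated_blocks(ciphertext: bytes) -> dict:
    """Ciphertext-only check an attacker can run: which blocks recur, and where."""
    seen = {}
    for i in range(0, len(ciphertext), BLOCK):
        seen.setdefault(ciphertext[i:i + BLOCK], []).append(i // BLOCK)
    return {blk: pos for blk, pos in seen.items() if len(pos) > 1}


def demo():
    """Returns (ECB repeats, CTR repeats, ECB short-file equality, CTR short-file equality)."""
    key = os.urandom(32)
    # Constructed sample file: fixed-width 16-byte records with a repeated field.
    rec_ok = b"ACCT=0001;OK;\n\n\n"
    rec_no = b"ACCT=0002;NO;\n\n\n"
    data = rec_ok * 3 + rec_no + rec_ok
    ecb_leak = repeated_blocks(ecb_encrypt(key, data))
    ctr_leak = repeated_blocks(ctr_crypt(key, os.urandom(HALF), data))
    # The advisory's small-file case: a file shorter than 128 bits is a single
    # block, so two such files with the same content encrypt identically under
    # ECB; knowing one plaintext reveals the other, and anyone who can encrypt
    # under the key can confirm guesses. CTR with a fresh nonce removes this.
    same_ecb = ecb_encrypt(key, b"yes") == ecb_encrypt(key, b"yes")
    same_ctr = (ctr_crypt(key, os.urandom(HALF), b"yes")
                == ctr_crypt(key, os.urandom(HALF), b"yes"))
    return ecb_leak, ctr_leak, same_ecb, same_ctr


if __name__ == "__main__":
    leak, _, _, _ = demo()
    print("ECB repeated block positions:", list(leak.values()))
```

Running it prints the positions of the recurring ECB blocks (every copy of the repeated record lands on the same ciphertext). The check that matters is that `repeated_blocks` returns nothing for the CTR output and that two encryptions of the same short file differ only when a fresh nonce is used. The example does not reproduce the advisory's differential-cryptanalysis claim; it demonstrates the equality leak that any comparison-based plaintext recovery starts from.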
OSV
added 2020/08/16 12:06 p.m. (2 views)

MGASA-2020-0315 Updated mumble packages fix security vulnerability

Updated mumble package fixes security vulnerability: OCB2 is known to be broken under certain conditions: https://eprint.iacr.org/2019/311 To execute the universal attacks described in the paper, an attacker needs access to an encryption oracle that allows it to perform encryption queries with...

AI score 7.3
Exploits 0, References 4
Schneier on Security
added 2020/08/12 11:08 a.m. (17 views)

Cryptanalysis of an Old Zip Encryption Algorithm

Mike Stay broke an old zipfile encryption algorithm to recover $300,000 in bitcoin. DefCon talk here...

AI score 1.9
Exploits 0
OpenVAS
added 2020/04/30 12:00 a.m. (44 views)

Huawei EulerOS: Security Advisory for httpd (EulerOS-SA-2020-1552)

The remote host is missing an update for the Huawei EulerOS...

CVSS 6.1, AI score 6.9, EPSS 0.82379
Exploits 5, References 2
Schneier on Security
added 2020/04/21 11:22 a.m. (28 views)

Another Story of Bad 1970s Encryption

This one is from the Netherlands. It seems to be clever cryptanalysis rather than a backdoor. The Dutch intelligence service has been able to read encrypted communications from dozens of countries since the late 1970s thanks to a microchip, according to research by de Volkskrant on Thursday. The...

AI score 1.2
Exploits 0
Schneier on Security
added 2019/10/04 5:04 p.m. (103 views)

More Cryptanalysis of Solitaire

In 1999, I invented the Solitaire encryption algorithm, designed to manually encrypt data using a deck of cards. It was written into the plot of Neal Stephenson's novel Cryptonomicon, and I even wrote an afterword to the book describing the cipher. I don't talk about it much, mostly because I mad...

AI score 0.4
Exploits 0
Schneier on Security
added 2019/05/14 11:11 a.m. (41 views)

Cryptanalysis of SIMON-32/64

A weird paper was posted on the Cryptology ePrint Archive (working link is via the Wayback Machine), claiming an attack against the NSA-designed cipher SIMON. You can read some commentary about it here. Basically, the authors claimed an attack so devastating that they would only publish a...

AI score 2.1
Exploits 0
IBM Security Bulletins
added 2019/03/06 5:15 a.m. (20 views)

Security Bulletin: Publicly disclosed vulnerability from Nimbus-JOSE-JWT affects IBM Spectrum LSF

Summary: Publicly disclosed vulnerability from Nimbus-JOSE-JWT affects IBM Spectrum LSF. Vulnerability Details: CVE-2017-16007 (BDSA-2017-0101). Nimbus JOSE+JWT implemented the ECDH-ES encryption option of the 'JSON Web Encryption' standard in a way that is vulnerable to cryptanalysis. This would enable ...

CVSS 7.5, AI score 0.8, EPSS 0.00249
Exploits 1, Affected Software 1
Veracode
added 2019/01/15 8:54 a.m. (18 views)

Side-channel Attack

GnuPG is vulnerable to side-channel attacks. An attacker in close physical range to the target system is able to decrypt ciphertexts using acoustic cryptanalysis to recover the RSA secret key belonging to the system...

CVSS 2.1, AI score 5.8, EPSS 0.00108
Exploits 0, References 14, Affected Software 1
Prion
added 2018/04/04 1:29 p.m. (16 views)

Design/Logic Flaw

Cryptanalysis vulnerability in the web interface in McAfee Network Security Management (NSM) before 8.2.7.42.2 allows attackers to view confidential information via insecure use of RC4 encryption cyphers...

CVSS 4, AI score 6.3, EPSS 0.00067
Exploits 0, References 1, Affected Software 1