GDG Venezia’s Post

Use password-free authentication Simpler to use and far more secure than passwords, passkeys use cryptography to prove that you are you. #morethanapasswordday

How well do cryptographic algorithms protect access to company networks? You might think that they are actually secure. But there are also faulty implementations and weak algorithms https://lnkd.in/d2XwC-du The vulnerability CVE-2024-31497 (CVSS 8.8) exploits the popular Windows SSH client PuTTY via an encryption error. Read the blog to find out how this happens and how you can protect yourself: https://lnkd.in/dZyWVnNw #authorization #authentication #PKI #PuTTY #cryptography #XZutils #SSH #ECDSA #BSI #Vulnerabilitymanagement #CVE-2024-31497

How careful are you about passwords? According to Nordpass, the five most common passwords globally in 2024 are: 1. 123456 2. admin 3. 12345678 4. 123456789 5. 1234 No cryptography background required to spot the pattern! October is national security month here in Norway, so we thought it a good occasion to remind us all that complex passwords don't have to be incomprehensible character strings. Passwords that are easy to visualize and memorize are more usable and less likely to be written down in a less than secure location. #NasjonalSikkerhetsmåned #PasswordSecurity #123456

"Passkeys in Entra ID work by leveraging FIDO2 standards, enabling passwordless authentication through biometric or PIN-based verification on registered devices. They store cryptographic keys securely within the device's hardware, ensuring only authorized access. They utilize public-key cryptography, where the public key is stored in Entra ID, while the private key remains securely on the user's device." 🤔 https://lnkd.in/e64W-A2D

🔐🚀 I have completed the "Cryptography for Dummies" room on TryHackMe! Enhanced my understanding of fundamental cryptography concepts. #CyberSecurity #Cryptography #TryHackMe

#Paper 2024/277 on Multivariate like Scheme Multivariate cryptography is one of the main candidates for creating post-quantum public key cryptosystems. Especially in the area of digital signatures, there exist many practical and secure multivariate schemes. The signature schemes #UOV and #Rainbow are two of the most promising and best studied multivariate schemes which have proven secure for more than a decade. However, so far the security of multivariate signature schemes towards physical attacks has not been appropriately assessed.... The exact definition of Cryptography.

Running a test encrypting 1 GB of random data using ECC and the Kyber post-quantum cryptography algorithm. This screenshot (test in progress) shows nanoseconds required for each random 1 GB input to be compressed. The results are astonishing. Kyber has not only withstood years of security scrutiny as an encryption algorithm, but it is clearly faster than Elliptic Curve Cryptography (and thus faster than RSA). This benchmark was written in Golang and is running on my dev laptop (not the biggest computer).

In 2024, the #PKI landscape is undergoing significant changes with Google’s 90-day #TLS proposal, the distrust of Entrust certificates, and the push for post-quantum cryptography (#PQC). 🌐 Each of these shifts presents new challenges—but also opportunities for those who are prepared. This latest AppViewX blog delves into these trends and offers a roadmap to achieving crypto-agility, ensuring your organization remains secure and future-ready. 👇

The Diffie–Hellman (DH) Algorithm is a key-exchange protocol that enables two parties communicating over public channel to establish a mutual secret without it being transmitted over the Internet. DH enables the two to use a public key to encrypt and decrypt their conversation or data using symmetric cryptography. https://lnkd.in/d_U7KKrb

In 2024, the #PKI landscape is undergoing significant changes with Google’s 90-day #TLS proposal, the distrust of Entrust certificates, and the push for post-quantum cryptography (#PQC). 🌐 Each of these shifts presents new challenges—but also opportunities for those who are prepared. This latest AppViewX blog delves into these trends and offers a roadmap to achieving crypto-agility, ensuring your organization remains secure and future-ready. 👇