Exploits Against Legacy Encryption – A Conversation with Cisco
You should already realize that you cannot just change your standard encryption algorithms and key lengths on a moment’s notice. Those are decisions that you made after careful research and testing. So while you might have some cryptography in place that isn’t the latest and greatest Elliptic Curve or Quantum Cryptography fad, you’re confident that it adequately protects your assets.
Or at least you selected cryptography that protected against known attacks when you selected it. And that’s the problem. Attackers never stop looking for exploits, be they weaknesses in the algorithm, attackable key sizes, or using Moore’s Law to simply brute force the math.
At the RSA Conference I had the pleasure of discussing a new type of possible attack against legacy encryption with Cisco Fellow David McGrew. He explains the potential weakness of 64-bit block ciphers including the American Data Encryption Standard (DES) and Triple-DES algorithms as well as the Soviet GOST 28147-89.
David and I we discuss the potential attacks as well as the fact that Triple-DES, or 3DES, is actually a 168-bit block cipher that uses three iterations of DES. Because 3DES is frequently used in IT today that topic is especially interesting. In fact, if your infrastructure supports mobile platforms like Apple iOS or Google Android, you probably have 3DES implemented right now. That makes watching this video even more important for you.
Check out the video of myself with David McGrew.
Be well and be safe!
Mike Danseglio -CISSP / CEH
Interface Technical Training – Technical Director and Instructor
Agile Methodology in Project Management
In this video, you will gain an understanding of Agile and Scrum Master Certification terminologies and concepts to help you make better decisions in your Project Management capabilities. Whether you’re a developer looking to obtain an Agile or Scrum Master Certification, or you’re a Project Manager/Product Owner who is attempting to get your product or … Continue reading Agile Methodology in Project Management
Windows 10 Features and Navigation – December 1, 2015
In this recorded Windows 10 webinar from December 1,2015, Windows Instructor Steve Fullmer presents the navigation and some of the new features associated with Windows 10 including Sysinternals Tools for Windows Client, Windows core concepts, exploring Process Explorer as well as some of the features that are not yet ready for prime time but will … Continue reading Windows 10 Features and Navigation – December 1, 2015
Detailed Forensic Investigation of Malware Infections – April 21, 2015
How does an investigator hunt down and identify unknown malware? In this recording of our IT Security training webinar on April 21, 2015, Security expert Mike Danseglio (CISSP / CEH) performed several malware investigations on infected computers and identify symptoms, find root cause, and follow the leads to determine what’s happening. He demonstrated his preferred … Continue reading Detailed Forensic Investigation of Malware Infections – April 21, 2015
Write a Comment
See what people are saying...