Guardian article says:
Three million Britons have been issued with the new hi-tech passport, designed to frustrate terrorists and fraudsters. So why did Steve Boggan and a friendly computer expert find it so easy to break the security codes?
and:
The Home Office has adopted a very high encryption technology called 3DES – that is, to a military-level data-encryption standard times three. So they are using strong cryptography to prevent conversations between the passport and the reader being eavesdropped, but they are then breaking one of the fundamental principles of encryption by using non-secret information actually published in the passport to create a ’secret key’. That is the equivalent of installing a solid steel front door to your house and then putting the key under the mat.”
Read here and here.
Sphere: Related Content
Research paper by Omer Berkman and Odelia Moshe Ostrovsky: “The Unbearable Lightness of PIN Cracking” describes an inherent flaw with the way ATM PINs are encrypted and transmitted on the international financial networks, making them vulnerable to attack from malicious insiders in a bank.
Read full paper here.
Source: Schneier on Security blog.
Sphere: Related Content
In my previous post, I mentioned Gartner IT Security Summit. In meantime I’ve found interesting pool on top security conferences by Dr Anton Chuvakin, on his blog, with question: “Which information security conference do you like the most?”
You can read Chuvakin’s blog here. Just to say that above mentioned Gartner’s IT Security Summit is somewhere in the middle of scale at moment of writing this post.
Sphere: Related Content
Gartner announced its IT Security Summit to be held:
4-6 June 2007
Washington, DC
Marriott Wardman Park
Early Bird Price is US $1795. Not cheap by my opinion. You will decide is event worh that price.
Read full information here.
Sphere: Related Content
