Lattice-Based Cryptosystems and Quantum Cryptanalysis
There have been decades of unsuccessful research into breaking lattice-based systems with classical computers; there has been much less research into quantum cryptanalysis.
Bruce Schneier
Advertisement
Author Archives
LLMs’ Data-Control Path Insecurity
We need to think carefully about using LLMs in potentially adversarial situations . . . like on the Internet.
In Memoriam: Ross Anderson, 1956-2024
A researcher, author, and industry consultant in security engineering, Anderson also was a professor of Security Engineering at the Department of Computer Science and Technology of the U.K.'s University of Cambridge.
Mandating insecurity by requiring government access to all data and communications.
The information security literature is filled with risk pathologies, heuristics that we use to help us evaluate risks. I’ve collected them from many different sources. When you look over the list of exaggerated and downplayed risks in the table here, the most remarkable thing is how reasonable so many of them seem. This makes sense […]
Recent reports of personal information theft are coming in torrents. Criminals are known to have downloaded the personal credit information of over 145,000 individuals from ChoicePoint’s network. Hackers took over one of the LexisNexis databases, gaining access to personal files of 32,000 people. Bank of America Corp. lost computer data tapes that contained personal information […]
Two-Factor Authentication: Too Little, Too Late
Two-factor authentication isn’t our savior. It won’t defend against phishing. It’s not going to prevent identity theft. It’s not going to secure online accounts from fraudulent transactions. It solves the security problems we had 10 years ago, not the security problems we have today. The problem with passwords is that it is too easy to […]
Considerable confusion exists between the different concepts of secrecy and security, which often causes bad security and surprising political arguments. Secrecy usually contributes only to a false sense of security. In June 2004, the U.S. Department of Homeland Security urged regulators to keep network outage information secret. The Federal Communications Commission requires telephone companies to […]
Many discussions of voting systems and their relative integrity have been primarily technical, focusing on the difficulty of attacks and defenses. This is only half of the equation: it’s not enough to know how much it might cost to rig an election by attacking voting systems; we also need to know how much it would […]
Voting and Technology: Who Gets to Count Your Vote?
Paperless voting machines threaten the integrity of democratic process by what they don't do.
Shape the Future of Computing
ACM encourages its members to take a direct hand in shaping the future of the association. There are more ways than ever to get involved.
Get Involved