In this episode we explain the potential for future quantum computers to break files signed today with RSA or ECC, called "Trust now, forge later."
Root Causes Podcast
73 bis 90 von 575 podcasts angezeigt
Jason describes his recent experience using Amazon Braket.
In this episode Jason explains the fallacy of "playing chicken" with the Quantum Apocalypse. We discuss stack ranking and "eyes open" PQC risk decisions.
In this brief episode we explain why the problem that Shor's Algorithm poses to RSA and ECC can't be solved simply by increasing key size.
Wow. It's episode 500 of Root Causes. Jason and Tim talk about how the podcast has evolved in the past six years, how it has remained consistent, and the updates we're making to keep being a valuable resource for our listeners.
The recent Signal controversy highlights the importance of understanding what protections an E2EE messaging app provides, and what it does not.
The UK National Cyber Security Centre (NCSC) has released new PQC guidance. We take exception to the dates it gives and explain why.
Guest Sofia Celi (IETF, Brave) returns to talk about important developments in post quantum cryptography. Sofia tells us about her candidate algorithm MAYO and what is happening with the NIST PQC onramp. We learn about KEM TLS and the status of PQC…
Gmail is now end-to-end encrypted for all recipients, regardless of the receiving client. We explain how Gmail accomplishes this trick.
We build on our Trust Models discussion to explore how organizations can structure their PKI for the transition to post quantum cryptography (PQC).
We explain the basics of trust models and compare various models including WebPKI, private CA, and consortium models.
Changing root store requirements mean CAs must separate their root hierarchies for different certificate types. We explain why enterprises should consider private CA for some use cases.
In this episode we get excited about errors we see in mandatory security trainings.
We are rejoined by Dr. Michele Mosca to explore the potential threat of RSA being broken even in the absence of a quantum computing attack.
We define Chrome versus Chromium, explaining what each is and the difference between the two.
Does AI kill end-to-end encryption? There is a contention that the presence of AI agents in the workstream will render your confidential information visible outside the encrypted communication channels and therefore that E2EE is pointless. We explore…
We explain the major news items from the most recent CA/Browser Forum face-to-face meeting in Tokyo. Topics include MPIC, 47-day certificate term, and Temporary Restraining Orders.
Jason and I take a peek forward at what we imagine IT security looks like in 2030. Topics include PQC, ZTNA, "green zones," deep fakes, IoT, connected cars, agentic AI, blockchain, and CLM.