Top Mathematics discussions
NishMath - #cybersecurity
|
@thecyberexpress.com
//
References:
Metacurity
, thecyberexpress.com
Researchers from the U.S. National Institute of Standards and Technology (NIST) and the Cybersecurity and Infrastructure Security Agency (CISA) have collaborated to develop a new security metric designed to better assess the likelihood of vulnerability exploitation. This metric aims to enhance the existing Exploit Prediction Scoring System (EPSS) and CISA's Known Exploited Vulnerabilities (KEV) catalog, providing a more refined approach to identifying vulnerabilities that are at high risk of being exploited in the wild. Peter Mell, formerly of NIST, and Jonathan Spring from CISA are credited with outlining this vulnerability exploit metric.
This new metric, detailed in a NIST White Paper titled "Likely Exploited Vulnerabilities," seeks to improve the accuracy with which vulnerabilities are prioritized for remediation. By augmenting the EPSS and KEV lists, the metric intends to provide a clearer understanding of a vulnerability's exploitability. The researchers propose this augmentation as a means to better express how likely a vulnerability is to be exploited, which can aid organizations in focusing their security efforts on the most critical threats. Meanwhile, CISA has recently added six new vulnerabilities to its Known Exploited Vulnerabilities catalog, underscoring the importance of addressing actively exploited flaws. In a related development, Wiz Research has observed in-the-wild exploitation of CVE-2025-4427 and CVE-2025-4428, two recently disclosed vulnerabilities affecting Ivanti Endpoint Manager Mobile (EPMM). These Ivanti EPMM vulnerabilities, which involve a chain of exploits leading to remote code execution, highlight the need for organizations to promptly apply security patches and mitigate potential risks. Recommended read:
References :
@crypto.ku.edu.tr
//
Koç University's Cryptography, Security & Privacy Research Group is offering scholarships and internships in the field of cryptography, security, and privacy, including positions at the post-doctoral level. These opportunities are available for Ph.D. and M.Sc. students, as well as post-doctoral researchers interested in contributing to cutting-edge research. The project funding is specifically related to applied cryptography, with a focus on privacy-preserving and adversarial machine learning. This initiative aims to foster talent and innovation in these critical areas of computer science and engineering.
The research group is also offering summer internships to undergraduates and graduates to improve their research skills and plan to attend graduate school. This experience can help them decide if they want to pursue graduate education or a research career. The program is available for international students, which takes place between June 30 and August 15th. The application deadline is May 16, 2025 and the applications opened March 12, 2025. The Koç University Summer Research Program is also open to motivated high school students. The program aims to help students experience a university environment, gather information on undergraduate areas they would like to study, and learn how to conduct academic research. Applicants must have completed Year 8. All applicants should have good academic standings and be sufficient in English Language as the medium of instruction is English. Recommended read:
References :
@medium.com
//
References:
medium.com
, Peter Bendor-Samuel
,
Quantum computing is rapidly advancing, bringing both immense potential and significant cybersecurity risks. The UK’s National Cyber Security Centre (NCSC) and experts across the globe are warning of a "colossal" overhaul needed in digital defenses to prepare for the quantum era. The concern is that powerful quantum computers could render current encryption methods obsolete, breaking security protocols that protect financial transactions, medical records, military communications, and blockchain technology. This urgency is underscored by the threat of "harvest now, decrypt later" attacks, where sensitive data is collected and stored for future decryption once quantum computers become powerful enough.
Across the globe, governments and organizations are scrambling to prepare for a quantum future by adopting post-quantum cryptography (PQC). PQC involves creating new encryption algorithms resistant to attacks from both classical and quantum computers. The U.S. National Institute of Standards and Technology (NIST) has already released several algorithms believed to be secure from quantum hacking. The NCSC has issued guidance, setting clear timelines for the UK’s migration to PQC, advising organizations to complete the transition by 2035. Industry leaders are also urging the U.S. Congress to reauthorize and expand the National Quantum Initiative to support research, workforce development, and a resilient supply chain. Oxford Ionics is one of the companies leading the way in quantum computing development. Oxford has released a multi-phase roadmap focused on achieving scalability and fault tolerance in their trapped-ion quantum computing platform. Their strategy includes the 'Foundation' phase, which involves deploying QPUs with 16-64 qubits with 99.99% fidelity, already operational. The second phase introduces chips with 256+ qubits and error rates as low as 10-8 via quantum error correction (QEC). The goal is to scale to over 10,000 physical qubits per chip, supporting 700+ logical qubits with minimal infrastructure change. There are also multiple bills introduced in the U.S. Congress and the state of Texas to foster the advancement of quantum technology. Recommended read:
References :
Siôn Geschwindt@The Next Web
//
References:
The Next Web
, medium.com
,
Quantum computing is rapidly advancing, presenting both opportunities and challenges. Researchers at Toshiba Europe have achieved a significant milestone by transmitting quantum-encrypted messages over a record distance of 254km using standard fiber optic cables. This breakthrough, facilitated by quantum key distribution (QKD) cryptography, marks the first instance of coherent quantum communication via existing telecom infrastructure. QKD leverages the principles of quantum mechanics to securely share encryption keys, making eavesdropping virtually impossible, as any attempt to intercept the message would immediately alert both parties involved.
This advance addresses growing concerns among European IT professionals, with 67% fearing that quantum computing could compromise current encryption standards. Unlike classical computers, which would take an impractical amount of time to break modern encryption, quantum computers can exploit phenomena like superposition and entanglement to potentially crack even the most secure classical encryptions within minutes. This has prompted global governments and organizations to accelerate the development of robust cryptographic algorithms capable of withstanding quantum attacks. Efforts are underway to build quantum-secure communication infrastructure. Heriot-Watt University recently inaugurated a £2.5 million Optical Ground Station (HOGS) to promote satellite-based quantum-secure communication. In July 2024, Toshiba Europe, GÉANT, PSNC, and Anglia Ruskin University demonstrated cryogenics-free QKD over a 254 km fiber link, using standard telecom racks and room temperature detectors. Initiatives such as Europe’s EuroQCI and ESA’s Eagle-1 satellite further underscore the commitment to developing and deploying quantum-resistant technologies, mitigating the silent threat that quantum computing poses to cybersecurity. Recommended read:
References :
@medium.com
//
The convergence of quantum computing and cryptography is rapidly evolving, presenting both opportunities and threats to the digital landscape. EntropiQ, a startup specializing in quantum solutions, has launched Quantum Entropy as a Service (QEaaS), offering on-demand, crypto-agile quantum entropy distribution. This service is designed for critical infrastructure and integrates with existing systems via API, aligning with NIST SP 800-90 guidelines. To bolster deployment and operational validation, EntropiQ has partnered with Equinix and GIS QSP, demonstrating its platform in secure, scalable environments across various locations, including Silicon Valley and Washington, D.C.
The imminent threat posed by quantum computers to current cryptographic systems is driving the need for innovative security measures. Algorithms like RSA and ECC, which underpin much of today's digital security, are vulnerable to quantum algorithms like Shor's, which can efficiently factor large integers. This has prompted significant research into post-quantum cryptography (PQC), with solutions like SPQR-AC emerging to leverage hybrid cryptographic frameworks combining lattice-based and code-based primitives. The UK’s National Cyber Security Centre (NCSC) has issued guidance, urging organizations to plan their transition to quantum-safe cryptography by 2028 and complete migration of high-criticality systems by 2031. Artificial intelligence (AI) is increasingly being integrated into quantum cryptography to enhance security and build resilience against emerging quantum threats. This fusion of AI and quantum-resistant encryption is aimed at protecting data in the post-quantum era, as AI can aid in developing more robust and adaptive cryptographic solutions. The NCSC's recommendations emphasize the importance of understanding the risks and taking proactive steps to secure digital infrastructure. Furthermore, the concept of "crypto agility" is gaining traction, encouraging businesses to develop the capacity to rapidly adapt encryption standards as quantum computers advance, ensuring continuous protection against evolving threats. Recommended read:
References :
@thequantuminsider.com
//
Heriot-Watt University has launched a £2.5 million Optical Ground Station (HOGS) at its Research Park in Edinburgh, marking a significant advancement in satellite-based quantum-secure communication. The facility, developed under the UK Quantum Communications Hub, features a 70-cm precision telescope equipped with adaptive optics and quantum detectors. This investment positions Heriot-Watt at the forefront of quantum communication research and development.
The HOGS facility will enable quantum key distribution (QKD) experiments with satellites, facilitating secure communication channels resistant to future decryption by quantum computers. The station is equipped to monitor space debris and test ultra-high-speed optical communications for next-generation networks. This is the UK’s first major infrastructure investment in free-space quantum key distribution research, as it will serve as a testbed for space-to-ground optical links that use quantum-secure protocols to exchange encryption keys via single photons. The project marks a major step in the UK’s efforts to build a quantum-secure internet, offering a unique testbed for industry and academia. Connected via dark fibre to Heriot-Watt’s quantum labs, HOGS enables real-time simulation and validation of urban to intercontinental optical quantum networks. HOGS is part of Heriot-Watt’s leadership in the new Integrated Quantum Networks (IQN) Hub, positioning the university as a central player in the development of quantum-secure communications. The facility aims to grow Scotland’s space economy and future workforce, partnering with universities, national laboratories, and businesses, including STEM programs for students. Recommended read:
References :
@The Cryptography Caffe? ?
//
The UK's National Cyber Security Centre (NCSC) has released a roadmap for transitioning to post-quantum cryptography (PQC), establishing key dates for organizations to assess risks, define strategies, and fully transition by 2035. This initiative aims to mitigate the future threat of quantum computers, which could potentially break today's widely used encryption methods. The NCSC’s guidance recognizes that PQC migration is a complex and lengthy process requiring significant planning and investment.
By 2028, organizations are expected to complete a discovery phase, identifying systems and services reliant on cryptography that need upgrades, and draft a migration plan. High-priority migration activities should be completed by 2031, with infrastructure prepared for a full transition. The NCSC emphasizes that these steps are essential for addressing quantum threats and improving overall cyber resilience. Ali El Kaafarani, CEO of PQShield, noted that these timelines give clear instructions to protect the UK’s digital future. Researchers have also introduced ZKPyTorch, a compiler that integrates ML frameworks with ZKP engines to simplify the development of zero-knowledge machine learning (ZKML). ZKPyTorch automates the translation of ML operations into optimized ZKP circuits and improves proof generation efficiency. Through case studies, ZKPyTorch successfully converted VGG-16 and Llama-3 models into ZKP-compatible circuits. Recommended read:
References :
@Talkback Resources
//
Google Cloud has launched quantum-safe digital signatures within its Cloud Key Management Service (Cloud KMS), now available in preview. This cybersecurity enhancement prepares users against future quantum threats by aligning with the National Institute of Standards and Technology’s (NIST) post-quantum cryptography (PQC) standards. The upgrade provides developers with the necessary tools to protect encryption.
Google's implementation integrates NIST-standardized algorithms FIPS 204 and FIPS 205, enabling signing and validation processes resilient to attacks from quantum computers. By incorporating these protocols into Cloud KMS, Google enables enterprises to future-proof authentication workflows, which is particularly important for systems requiring long-term security, such as critical infrastructure firmware or software update chains. This allows organizations to manage quantum-safe keys alongside classical ones, facilitating a phased migration. Recommended read:
References :
|
Blogs
|