We explain where Hardware Secure Modules (HSMs) fit into the world of PQC, including hybrid certificates and defining how HSMs will incorporate PQC.
Google has proposed removing the requirement for OCSP revocation checking for public SSL certificates meeting certain specific conditions.
Recent news reports might suggest that an AI-enhanced side attack has defeated the CRYSTALS-Kyber PQC algorithm.
In this episode we discuss the idea of "watermarking" ChatGPT content, including stenography, randomness, entropy, and how to destroy the watermarks.
Recent public discussion of FIDO and digital certificates reveal details of Microsoft's approach to consumer digital authentication.
Google has announced the Privacy Sandbox. In this episode we describe concepts like k-anonymity and differential privacy.
People may use ChatGPT for reputation analysis, KYC, and other info about individuals and companies. This is subject to error and deliberate misdirection.
An attacker gained a copy of the full 2019 TSA No Fly list, including subject PII, all enabled by failures in digital identity and encryption.
The U.S. government has a new law requiring that government agencies create plans for migrating to PQC in response to threats from quantum computers.
We catalog the various ways a Certificate Lifecycle Management (CLM) system can be "CA agnostic."
Concerns recently have been raised about OCSP real-time certificate checking and its potential to violate privacy.
We explain the difference between Public Key Exchange (PKE) and Key Encapsulation Methods (KEM) and why we're moving from one to another.