NIST Report on Lightweight Cryptography

National Institute of Standards and Technology (NIST) have published a report on Lightweight Cryptography.

Abstract

NIST approved cryptographic standards were designed to perform well on general purpose computers. In recent years,there has been increased deployment of small computing devices that have limited resources with which to implement cryptography. When current
NIST approved algorithms can be engineered to fit into the limited resources of constrained environments, their performance may not be acceptable. For these reasons, NIST started a lightweight cryptography project that was tasked with learning more about the issues and developing a strategy for the standardization of lightweight cryptographic algorithms. This report provides an overview of the lightweight cryptography project at NIST, and describes plans for the standardization of
lightweight cryptographic algorithms.

To view this report, see:

NIST Report on Lightweight Cryptography

Microsoft built its own custom Linux kernel for its new IoT service

Microsoft have announced the launch of a secure end-to-end IoT product that focuses on microcontroller-based devices — the kind of devices that use tiny and relatively low-powered microcontrollers (MCUs) for basic control or connectivity features. Typically, these kinds of devices, which could be anything from a toy to a household gadget or an industrial application, don’t often get updated and hence, security often suffers.

At the core of Azure Sphere is a new class of certified MCUs. As Microsoft president and chief legal officer Brad Smith stressed in today’s announcement, Microsoft will license these new Azure Sphere chips for free, in hopes to jump-start the Azure Sphere ecosystem.

For more information see the TechCrunch article:

Microsoft built its own custom Linux kernel for its new IoT service

 

Why nobody has succeeded at running IoT on the blockchain

From the permissioned blockchain networks of IBM to the newly introduced Hashgraph technology, some of the largest technology and financial conglomerates have been testing the applicability and potential of blockchain with the Internet of Things (IoT) market since the beginning of 2016.

Yet, with nearly $4 billion invested in blockchain research and development, not a single company has been able to demonstrate the successful integration of blockchain technology with IoT.

…….For this sort of system to be deployed commercially, the scale of the blockchain-based IoT network would have to increase drastically in order to support hundreds of thousands of users. This would require the system to manage tens of thousands of data points per second, all of the which would need to go through the blockchain.

See full article at TNW:

Here is why nobody has succeeded at running IoT on the blockchain

Four wireless standards hackers will target after Wi-Fi

Today, you can buy an easy-to-use graphical attack tool called the Wi-Fi Pineapple. These devices are simply an access point with a collection of attack tools enabled by an easy-to-use graphical web interface that leverage the single biggest weakness in Wi-Fi security: the man-in-the-middle (MiTM) attack

But Wi-Fi isn’t the only wireless protocol out there. Which new wireless communication methods might hackers focus on next? To answer that, we need to ask ourselves two questions:

1. Is there potential value? – Most malicious hackers want a payout. In order for a wireless communication channel to truly become a target, online criminals need to be able to squeeze something of value from it.

2. Is the target easy to find? – Hackers often rely on broad coverage and sheer numbers. For example, they’re not going to waste time hacking a new wireless communication that hasn’t yet seen mass adoption.

For more information see the article written by Ryan Orsi, Director of Product Management at WatchGuard Technologies in Help Net Security:

Four wireless standards hackers will target after Wi-Fi