ZDNet

SSL broken! Hackers create rogue CA certificate using MD5 collisions

Using computing power from a cluster of 200 PS3 game consoles and about $700 in test digital certificates, a group of hackers in the U.S. and Europe have found a way to target a known weakness in the ...
Ars Technica

“Lucky Thirteen” attack snarfs cookies protected by SSL encryption

Software developers are racing to patch a recently discovered vulnerability that allows attackers to recover the plaintext of authentication cookies and other encrypted data as they travel over the ...
PC World

CloudFlare reveals ‘Universal SSL’: Free, headache-free encryption for websites

More and more websites are looking to enable SSL encryption to protect their visitors from eavesdroppers and hackers. Now web infrastructure company CloudFlare will make it a bit easier by adding that ...
CoinTelegraph

Known-plaintext attacks, explained

A known-plaintext attack (KPA) occurs when a hacker uses pairs of both encrypted and unencrypted data to figure out the encryption algorithm or key. In this attack, the hacker has access to both the ...
Ars Technica

SSL broken, again, in POODLE attack

From the researchers that brought you BEAST and CRIME comes another attack against Secure Sockets Layer (SSL), one of the protocols that’s used to secure Internet traffic from eavesdroppers both ...
Scientific American

New Encryption System Protects Data from Quantum Computers

Once quantum computers become functional, experts warn, they could perform calculations exponentially faster than classical computers—potentially enabling them to destroy the encryption that currently ...
PC World

How to enable Yahoo Mail’s (soon to be default) SSL encryption today

The revamped Yahoo Mail sure is pretty, but from a security perspective the popular service has a pretty ugly security flaw: It doesn’t encrypt your email sessions. But that will soon change. (Finally ...