Low-tech high-security passwords

You’ve seen this advice many times: use a different password for each website you log into, including lowercase, capitals, numbers, and special symbols. Change it often. If you don’t, a hacker who breaks into one of those websites might be able to get into your bank account and your Facebook page, emptying the first of money and filling the second with child porn. But I’d bet you don’t do it because it’s just too hard to come up with a good password for each website, and then remember it. In this post, I’ll be telling you about a paper-and-pencil trick derived from one whose author is none other than Turing Award winner Manuel Blum, but far less taxing on your brain.

Tabula Prava

In Latin, “Tabula Prava” means “crooked table.” This is a play on “Tabula Recta” (straight table), which is a grid full of letters used in a number of classic ciphers, including the Vigenère cipher. Tabula Prava is the straightforward combination of a high-entropy key derivation algorithm, which I published earlier on this blog, and the FibonaRNG cipher, also published here. The result is a very secure cipher that is still quite fast and easy to use with pencil and paper.

Et Tu, WhatsApp

The “unthinkable” has happened: it is alleged that WhatsApp has a backdoor in its end-to-end encryption, and nobody has actually been getting any security all along. All of this while using the acclaimed “open source” Signal protocol. This article will not break any news, but hopefully will make you think and be safer as a result.

Hint: it has everything to do with the quotes in the first two sentences.