Microsoft’s CryptoAPI flaw/CurveBall: a teaser of the quantum threat : Cybersecurity

The National Security Agency recently discovered a major cryptographic flaw in Microsoft’s low-level code within their operating system. This flaw, now known as CurveBall, was found within Windows CryptoAPI and effects the way Elliptic Curve Cryptography (ECC) x.509 certificates are validated, giving attackers the ability to “undermine how Windows verifies cryptographic trust,” as stated in the NSA’s Cybersecurity Advisory on this issue.

On 14th January 2020, Microsoft released a software update to fix this serious security vulnerability. Yet, due to the potentially severe nature of this vulnerability, they first made the patch available to the US government, military and “other high-value customers/targets that manage key Internet infrastructure.” If exploited by attackers, it would give them the ability to spoof digital signatures, essential for digital security and trust.

Initially reported by Brian Krebs at KrebsOnSecurity, this story has since made headlines in major news outlets, such as the Washington Post, Tech Crunch, and Wired, all of which include public comments from Anne Neuberger, director of the NSA’s Cybersecurity Directorate.

Continue Reading

Thales has partnered with ISARA Corporation and ID Quantique to collaborate on a quantum-safe, crypto-agile solution designed to protect against the security threat of quantum computing.

Continue Reading

While quantum computers will bring with them possible major advancements in the fields of medicine, chemistry, machine learning, and more, there is a negative impact on current public key cryptography causing widespread vulnerabilities.

Continue Reading

We’re excited to announce that Shasta Ventures has invested $10M USD into our Series A round. Shasta Ventures is a Silicon Valley based, early-stage investment firm with many previous successful exits. This investment will help fund our continued growth.

Continue Reading

On October 4th, 2018, BlackBerry announced that they will be embedding the ISARA Radiate™ Security Solutions Suite to provide quantum-safe code-signing capabilities as a product in their cryptography array.

Continue Reading

We know that as quantum computers begin to grow in qubit count, they become more powerful. A quantum computer strong enough to crack modern-day public key cryptography, which acts as the backbone of today’s secure interactions over the internet, is estimated to be five to 15 years away. Therefore, the importance of protecting against the quantum threat grows greater every day.

Continue Reading

ISARA has partnered with Hawkins Group, a cybersecurity consulting firm headed by Lt. Gen. Ronnie Hawkins, who is a former director of the Defence Information Systems Agency. Hawkins Group will assist ISARA in its effort to migrate the Department of Defense’s IT systems to quantum-safe security. Ronnie Hawkins sees the quantum threat as being an […]

Continue Reading

Lt. Gen. (Ret.) Ronnie Hawkins Jr. and the Hawkins Group to help lead Military Technology Policy and Strategy WATERLOO, Ontario (June 7th, 2018) – ISARA Corp., the leading provider of security solutions for the quantum age, announced today that it has partnered with Hawkins Group as a cybersecurity advisor in Washington, D.C. led by the former Director of the […]

Continue Reading