A security podcast is hosted by Professor William (Bill) Buchanan OBE, a world-renowned Information security professional and educator. Join Bill as he interviews and discusses the state-of-the-art with esteemed guests from all corners of the security industry. From cryptologists to technologists, each guest shares a wealth of experience and knowledge.
…
continue reading
1
Towards the Memex: All Hail The Future Rulers of our World
7:50
7:50
Play later
Play later
Lists
Like
Liked
7:50
And, so George Orwell projected a world where every single part of our lives was monitored and controlled by Big Brother. Arthur C Clark outlined the day when machines focused solely on a goal — even if it was to the detriment of human lives. And, Isaac Asimov outlined a world where machines would have to be programmed with rules so that they could…
…
continue reading
1
World-leaders in Cryptography: Yuriy Polyakov
1:04:57
1:04:57
Play later
Play later
Lists
Like
Liked
1:04:57
YouTube interview: https://www.youtube.com/watch?v=FDn0Tkhi8zw Yuriy Polyakov is the Vice President of Cryptography and a Principal Scientist at Duality Technologies. His research interests include applied lattice-based cryptography, fully homomorphic encryption, and privacy-preserving machine learning. He is also a co-founder of the open-source PA…
…
continue reading
1
World-leaders in Cryptography: Kurt Rohloff
1:29:56
1:29:56
Play later
Play later
Lists
Like
Liked
1:29:56
Video interview: https://www.youtube.com/watch?v=59Y_kya4lR8 Kurt Rohloff is an Associate Professor of Computer Science at the New Jersey Institute of Technology (NJIT) and a co-founder and CTO of Duality Technologies. He is also a co-founder of the open-source PALISADE Homomorphic Encryption Software Library, and a co-founder of the OpenFHE librar…
…
continue reading
1
World-leaders in Cryptography: Thomas Prest
1:03:24
1:03:24
Play later
Play later
Lists
Like
Liked
1:03:24
Thomas Prest is a cryptography researcher at PQShield and previously worked with Thales. He completed his PhD at the École Normale Supérieure and focuses on post-quantum cryptography and discrete algorithms. Thomas was one of the co-authors of the FALCON digital signature method and has published widely in related areas of PQC.…
…
continue reading
https://medium.com/asecuritysite-when-bob-met-alice/javascript-is-a-trademark-f4d5a7d32386By Prof Bill Buchanan OBE FRSE
…
continue reading
1
Talking with... Bill Buchanan OBE, Professor of Cryptography
1:09:21
1:09:21
Play later
Play later
Lists
Like
Liked
1:09:21
The podcast title has never been more fitting: our guest for episode 20 of Talking with Tech Leaders is a leading thinker, leading innovator and leading academic. Bill Buchanan is not only Professor of Cryptography at Edinburgh Napier University but also an Officer of the British Empire – awarded in 2017 for services to cybersecurity. The main podc…
…
continue reading
1
Leaders in Cybersecurity: Amit Gupta
1:10:07
1:10:07
Play later
Play later
Lists
Like
Liked
1:10:07
Amit Gupta is the founder and CEO of Acubed.IT, which is a company which creates innovative and secure cross-security domain solutions for customers such as the UK government. One of their key innovations is the Cross Domain Hybrid Application (CDHA) framework, and which aims to break down the barriers in sharing trusted information across multiple…
…
continue reading
1
World-leaders in Cryptography: Leslie Lamport
1:05:10
1:05:10
Play later
Play later
Lists
Like
Liked
1:05:10
Please excuse the poor quality of my microphone, as the wrong microphone was selected. In research, we are all just building on the shoulders of true giants, and there are few larger giants than Leslie Lamport — the creator of LaTeX. For me, every time I open up a LaTeX document, I think of the work he did on creating LaTeX, and which makes my rese…
…
continue reading
1
World-leaders in Cryptography: Daniel J Bernstein
1:52:48
1:52:48
Play later
Play later
Lists
Like
Liked
1:52:48
Daniel J Bernstein (djb) was born in 1971. He is a USA/German citizen and a Personal Professor at Eindhoven University of Technology and a Research Professor at the University of Illinois at Chicago. At the tender age of 24 — in 1995 — he, along with the Electronic Frontier Foundation — brought a case against the US Government related to the protec…
…
continue reading
1
World-leaders in Cryptography: Jan Camenisch
1:06:02
1:06:02
Play later
Play later
Lists
Like
Liked
1:06:02
Jan is the CTO and a Cryptographer at DFINITY, and, since 1998, he has consistently produced research outputs of rigour, novelty and sheer brilliance [here]. He was recently awarded the Levchin Prize at Real World Crypto 2024 - along with Anna Lysyanskaya. Jan’s research core happened when he was hosted in the IBM Zurich Research Lab, but has since…
…
continue reading
Ted Miracco is the CEO of Approov and which is Scottish/US company that is headquartered in Edinburgh. Miracco has over 30 years of experience in cybersecurity, defence electronics, RF/microwave circuit design, semiconductors and electronic design automation (EDA). He co-founded and served as CEO of Cylynt, which focuses on intellectual property an…
…
continue reading
1
World-leaders in Cybersecurity: Troy Hunt
55:53
55:53
Play later
Play later
Lists
Like
Liked
55:53
Troy is a world-leading cybersecurity professional. He created and runs the Have I Been Pwned? Web site, and which contains details of the most significant data breaches on the Internet. Along with this, he has developed other security tools, such as ASafaWeb, which automated the security analysis of ASP.NET Web sites. Troy is based in Australia an…
…
continue reading
1
The Greatest Step Change in Cybersecurity Ever! Welcome to the New and Scary World of Generative AI and Cybersecurity
14:18
14:18
Play later
Play later
Lists
Like
Liked
14:18
This is Day 0 of a new world of cybersecurity. Everything changes from here. There will be a time before Generative AI (GenAI) in cybersecurity and a time after it. Over the last two years, GenAI has come on leaps and bounds, and where it once suffered from hallucinations, took racist and bigoted approaches, and often was over-assertive, within Cha…
…
continue reading
1
World-leaders in Cryptography: Marty Hellman (March 2024)
1:06:08
1:06:08
Play later
Play later
Lists
Like
Liked
1:06:08
This seminar series runs for students on the Applied Cryptography and Trust module, but invites guests from students from across the university. Martin is one of the co-creators of public key encryption, and worked alongside Whitfield Diffie in the creation of the widely used Diffie-Hellman method. In 2015, he was presented with the ACM Turing Awar…
…
continue reading
1
World-leaders in Cryptography: Vincent Rijmen (March 2024)
1:09:47
1:09:47
Play later
Play later
Lists
Like
Liked
1:09:47
Vincent Rijmen is one of the co-creators of the NIST-defined AES standard (also known as Rijndael). He also co-designed the WHIRLPOOL hashing method, along with designing other block ciphers, such as Square and SHARK. In 2002, Vincent was included in the Top 100 innovators in the world under the age of 35, and, along with Joan Daemen, was awarded t…
…
continue reading
1
World-leaders in Cryptography: Whitfield Diffie
1:06:12
1:06:12
Play later
Play later
Lists
Like
Liked
1:06:12
Whitfield Diffie is one of the greatest Computer Scientists ever. He - along with Marty Hellman - was one of the first to propose the usage of public key encryption and co-created the Diffie-Hellman (DH) key exchange method. Overall, the Diffie-Hellman method is still used in virtually every Web connection on the Internet, and has changed from usin…
…
continue reading
1
Thank You, IBM … Here’s To Another 100 Years
21:48
21:48
Play later
Play later
Lists
Like
Liked
21:48
I do what I do because of one company … IBM. Why? Because in the 1970s, I got into computers, with a ZX81 (1KB of RAM) and a Dragon 32 (32 KB of RAM). They were very much home computers, and where you would rush out and buy the latest computer magazine, and then spend a happy evening entering some BASIC code that made a cursor move across the scree…
…
continue reading
1
The Builder of Our Future: Torben P Pedersen
37:21
37:21
Play later
Play later
Lists
Like
Liked
37:21
I have been lucky enough to speak to some of the most amazing people who have built the core of security on the Internet, and a person near the top of my list is … Torben P. Pedersen. The Pedersen Commitment So how do we create a world where we can store our secrets in a trusted and then reveal them when required? Let’s say I predict the outcome of…
…
continue reading
1
Inspired Edinburgh: An Interview with Professor Bill Buchanan OBE
1:27:05
1:27:05
Play later
Play later
Lists
Like
Liked
1:27:05
Video: https://www.youtube.com/watch?v=O_kMmbvu9VMBy Prof Bill Buchanan OBE
…
continue reading
1
Just Crypto Magic, Be A Teacher, And The King and Queen of Cybersecurity
15:51
15:51
Play later
Play later
Lists
Like
Liked
15:51
There short podcast on Just Magic, Be A Teacher, And The King and Queen of Cybersecurity Magic: https://medium.com/asecuritysite-when-bob-met-alice/magic-from-heaven-to-earth-1837a1a1206e The Silly World of Cybersecurity https://medium.com/asecuritysite-when-bob-met-alice/the-silly-world-of-cybersecurity-a1143b90d3f0 Giving Back What Others Have Gi…
…
continue reading
1
World-leaders in Cryptography: Bruce Schneier (Feb 2024)
56:54
56:54
Play later
Play later
Lists
Like
Liked
56:54
This seminar series runs for students in the Applied Cryptography and Trust module but invites guests from students from across the university. This seminar series runs for students on the Applied Cryptography and Trust module but invites guests from students from across the university. He has created a wide range of cryptographic methods, includin…
…
continue reading
1
A Full Diary of a Cyber Crime .. From Phishing to Profit - Part 1
10:22
10:22
Play later
Play later
Lists
Like
Liked
10:22
I’m going to show a full timeline of a Cyber Crime to show the steps that a scammer will take in order to gain funds from their target. Overall, I’m interested in seeing how a scamming crime evolves to the point of profit for the scammer. https://medium.com/asecuritysite-when-bob-met-alice/a-full-diary-of-a-cyber-crime-from-phishing-to-profit-23ab5…
…
continue reading
1
A Full Diary of a Cyber Crime .. From Phishing to Profit - Part 2
15:19
15:19
Play later
Play later
Lists
Like
Liked
15:19
I’m going to show a full timeline of a Cyber Crime to show the steps that a scammer will take in order to gain funds from their target. Overall I’m interested in seeing how a scamming crime evolves to the point of profit for the scammer. https://medium.com/asecuritysite-when-bob-met-alice/a-full-diary-of-a-cyber-crime-from-phishing-to-profit-23ab53…
…
continue reading
1
World-leaders in Cryptography: Matthew Green
59:03
59:03
Play later
Play later
Lists
Like
Liked
59:03
Matthew is a cryptographer and academic at Johns Hopkins University and has designed and analyzed cryptographic systems used in wireless networks, payment systems and digital content protection platforms. A key focus of his work is in the promotion of user privacy. He has an extensive following on X/Twitter (140K followers) and his blog covers impo…
…
continue reading
1
Professor Peter Andras: Thoughts on AI, Research and Education
1:33:45
1:33:45
Play later
Play later
Lists
Like
Liked
1:33:45
Professor Peter Andras is the Dean of the School of Computing, Engineering & the Built Environment. Previously, Peter was the Head of the School of Computing and Mathematics (2017 – 2021) and Professor of Computer Science and Informatics at Keele University from 2014 – 2021. Prior to this he worked at Newcastle University in the School of Computing…
…
continue reading
1
Bill Buchanan - Which People Have Secured Our Digital World More Than Any Other?
7:57
7:57
Play later
Play later
Lists
Like
Liked
7:57
And, so, if you could pick one or two people who have contributed most to our online security, who would it be? Ron Rivest? Shafi Goldwasser? Ralph Merkle? Marty Hellman? Whitfield Diffie? Neal Koblitz? Well, in terms of the number of data bytes protected, that prize is likely to go to Joan Daemen and Vincent Rijmen, and who created the Rijndael me…
…
continue reading
1
Bill Buchanan - Test-of-Time (ToT) for Research Papers: Some Papers Rocket, Some Papers Crash, and But Most Never Go Anywhere
8:44
8:44
Play later
Play later
Lists
Like
Liked
8:44
In research, the publishing of high-quality papers is often critical for the development of a research career: “I am an academic. It’s publish or perish.” Daniel J Bernstien. But often we measure the work in terms of quality rather than quantity. One high-quality research paper is probably worth more than the millions of papers published in predato…
…
continue reading
And, so, we are moving into one of the greatest changes that we ever see on the Internet, and where we will translate from our existing public key infrastructures towards Post Quantum Cryptography (PQC) methods. At the present time, NIST has approved one key exchange/public key encryption method (Kyber) and three digital signature methods (Dilithiu…
…
continue reading
Please excuse me for using IBM in the title — I have the greatest of respect for a company that has continued to lead and innovate over the past six decades (and who have existed for over a century). The point of this article is to showcase where you, your team or your company have a deep passion for doing something great. For this, we go back to t…
…
continue reading
1
Bill Buchanan - A Bluffer’s Guide To Encryption In The Cloud: Top 100
20:55
20:55
Play later
Play later
Lists
Like
Liked
20:55
In cybersecurity, the teaching of Cloud security is often weak. So, here are my Top 100 things about encryption in the Cloud. I’ve focused on AWS, but Azure is likely to also be applicable. Keys are created in the AWS KMS (Key Management Store). In Azure, this is named KeyVault. The cost of using a key in KMS is around $1/month (prorated hourly). W…
…
continue reading
1
Bill Buchanan - Top 101 Tips for a PhD student and ECR
18:51
18:51
Play later
Play later
Lists
Like
Liked
18:51
Well, here are a few tips for PhD students and ECR (Early Career Researchers): Enjoy doing research. It is fun and one of the few times in your career when it is solely your work. To do a PhD is a privilege and not a chore. You will likely look back on it as one of the most useful things you did in your whole career. You will always hit a dip in yo…
…
continue reading
1
Bill Buchanan - 100 Interesting Things to Learn About Cryptography
31:13
31:13
Play later
Play later
Lists
Like
Liked
31:13
Here are my 100 interesting things to learn about cryptography: For a 128-bit encryption key, there are 340 billion billion billion billion possible keys. [Calc: 2**128/(1e9**4)] For a 256-bit encryption key, there are 115,792 billion billion billion billion billion billion billion billion possible keys. [Calc: 2**256/(1e9**8)] To crack a 128-bit e…
…
continue reading
1
Talking with Tech Leaders: A Chat with Michael Phair (Be-IT)
1:09:21
1:09:21
Play later
Play later
Lists
Like
Liked
1:09:21
Interview here: https://podcasts.apple.com/us/podcast/talking-with-tech-leaders/id1533642699 https://open.spotify.com/episode/11PmWm0mlGQNAhVn8wYnInBy Michael Phair
…
continue reading
1
Bill Buchanan - A Vision for the NHS: A Citizen Wallet
6:26
6:26
Play later
Play later
Lists
Like
Liked
6:26
Your organisation needs a vision. Without it, you will never be great. You will never advance. You will keep doing the same old things and without any real purpose. A vision gives you a purpose and a focus. But, it needs to have a plan which takes you there. But, without it, how can you ever plan? For any great organisation, you start with a vision…
…
continue reading
1
Bill Buchanan - Let’s Talk About Spreadsheets
5:14
5:14
Play later
Play later
Lists
Like
Liked
5:14
I remember attending a talk many years ago, and the presenter said, “I’ve got this amazing tool called Lotus 123”, and he gave a practical demo of doing some calculations. People in the audience were stunned by the simplicity of its operation. It was the birth of the thing that drives many businesses … spreadsheets. They are just so simple to use, …
…
continue reading
1
Bill Buchanan - A Bluffer’s Guide to Blockchain: 100 Knowledge Snippets
27:23
27:23
Play later
Play later
Lists
Like
Liked
27:23
So, here’s my Top 100 snippets of knowledge for blockchain: Blockchains use public key methods to integrate digital trust. Bob signs for a transaction with his private key, and Alice proves this with Bob's public key. The first usable public key method was RSA — and created by Rivest, Shamir and Adleman. It was first published in 1979 and defined i…
…
continue reading
Blog: here. You can just imagine the movie trailer … “Your worst enemy has taken over all your flights, and you cannot remove them from your network. They demand a $1 billion ransom, or else they will bring every flight down. Bob accidentally removes one of the controllers — you now only have 25 minutes to save the lives of those in the air!” We ha…
…
continue reading
1
Bill Buchanan - The 100 Basic Rules of Cryptography (and Secure Programming)
14:43
14:43
Play later
Play later
Lists
Like
Liked
14:43
Kerckhoff’s principle defines that “a Cryptographic system should be designed to be secure, even if all its details, except for the key, are publicly known”, but there aren’t too many other rules defined. So here are my 100 Basic Rules of Cryptography (and Secure Programming). First, my Top 10: Cryptography is both an art and a science. Cryptograph…
…
continue reading
1
Bill Buchanan - A Novice Mistake: Meet Milk Sad … And The 32-bit Key!!!!!!
4:18
4:18
Play later
Play later
Lists
Like
Liked
4:18
A team of developers at Distrust and others has discovered a weakness in the cryptographic methods of creating a random seed for the Libbitcoin Explorer wallet. This is allegedly behind a number of cryptocurrency thefts on 12 July 2023, and on November 2022. The vulnerability has been given the CVE identifier of CVE-2023–39910 and dubbed Milk Sad […
…
continue reading
1
Bill Buchanan - In Cybersecurity, It’s All About Threats, Vulnerabilities, Mitigations, Detection and Risks
20:50
20:50
Play later
Play later
Lists
Like
Liked
20:50
As humans we are driven by risks and threats, and where we are continually weighing-up costs and benefits. A threat is an actual thing that could actually cause harm, loss or damage, whereas a risk is the likelihood of a specific threat happening. In our lives, too, we expose ourselves through vulnerabilities, and which are our weaknesses and which…
…
continue reading
1
Bill Buchanan - Meet New PQC Signature Contenders
9:29
9:29
Play later
Play later
Lists
Like
Liked
9:29
Digital signatures are the foundation of our digital trust. With this, Bob has a key pair: a private key and a public key. In order to provide his identity, he signs a hash of a message with his private key, and then Alice proves this with his public key. Currently, we mainly use RSA, ECDSA and EdDSA for our signature methods, and where DSA signatu…
…
continue reading
1
Bill Buchanan - When The Government Can’t Even Protect and Encrypt Our Data … What Chance The Rest?
5:35
5:35
Play later
Play later
Lists
Like
Liked
5:35
Lessons from the cybersecurity rule book for government: Lesson 1: If you have PII (Personally Identifiable Information), you should encrypt it. Lesson 2: Lock down access to encrypted data and require multifactor authentication for access. Lesson 3: All communications with citizens should be stored in an encrypted form. Lesson 4: The transmission …
…
continue reading
1
Bill Buchanan - One Of The Greatest Protocols — and One of The Greatest Weaknesses — of the Internet … Meet The Mighty BGP
17:16
17:16
Play later
Play later
Lists
Like
Liked
17:16
Blog: https://medium.com/asecuritysite-when-bob-met-alice/one-of-the-greatest-protocols-and-one-of-the-greatest-weaknesses-of-the-internet-meet-the-d8201a1e6e80 So the Internet isn’t the large-scale distributed network that DARPA tried to create, and which could withstand a nuclear strike on any part of it. At its core is a centralised infrastructu…
…
continue reading
1
Bill Buchanan - My Five Favouriate/Least Favouriate Computer Programming Languages
10:52
10:52
Play later
Play later
Lists
Like
Liked
10:52
Blog: https://medium.com/asecuritysite-when-bob-met-alice/my-five-favouriate-least-favouriate-computer-programming-languages-dd8a560c27a I love programming and think that every child should be taught it at school at an early age — and, for me, coding is for everyone. As an artist uses paint and a canvas, programming allows me to practice my art — c…
…
continue reading
1
Bill Buchanan - The Wacky World of JavaScript and npm: Protecting The Software Supply Chain
6:20
6:20
Play later
Play later
Lists
Like
Liked
6:20
Blog: https://medium.com/asecuritysite-when-bob-met-alice/the-wacky-world-of-javascript-and-npm-protecting-the-software-supply-chain-not-25662cfd1b66 JavaScript is the best and the worst of computer programming. It is able to exist in both the front end (the browser) and in the back end (with Node.js). It basically saved the Web as we moved from st…
…
continue reading
1
Bill Buchanan - Only 51 Have Been Found - Here's Mersenne Primes
10:12
10:12
Play later
Play later
Lists
Like
Liked
10:12
Blog post: https://medium.com/asecuritysite-when-bob-met-alice/only-51-have-been-found-heres-mersenne-primes-4c296a3d8091 And, so what’s the next number in the sequence 3, 7, 31, and 127? Well, it’s 8,191, and I will explain why in a little minute. If you need to test with prime numbers — such as with public key encryption — how do you remember som…
…
continue reading
1
Bill Buchanan - A Bluffers Guide To Symmetric Key Encryption Modes
8:49
8:49
Play later
Play later
Lists
Like
Liked
8:49
Blog: https://medium.com/asecuritysite-when-bob-met-alice/a-bluffers-guide-to-symmetric-key-encryption-modes-f7882881f6d Symmetric key encryption involves a single key to encrypt and decrypt and where Bob and Alice can use the same encryption key. The two most popular symmetric key methods are AES — Advanced Encryption Standard — and ChaCha20. Alon…
…
continue reading
1
Bill Buchanan - Lesson 1 in Secure Programming: Don't Reuse Your IVs
6:50
6:50
Play later
Play later
Lists
Like
Liked
6:50
Blog: https://medium.com/asecuritysite-when-bob-met-alice/lesson-1-in-secure-programming-dont-reuse-your-ivs-5666ddfa9a1c I wrote up an article on a recent Samsung vulnerability [here], and one comment said … “it’s an old bug, reuse of IV (Initialisation Vectors) seem a very basic problem”. On the face of it, the comment perhaps doesn’t go into eno…
…
continue reading
Blog: https://medium.com/asecuritysite-when-bob-met-alice/the-art-of-the-backdoor-e39f001ea8b9 Do you ever worry that your locksmith may take a copy of your key when they fit a new lock? Or that your locksmith has defined a lock which they know they have a skeleton key for? Or that your locksmith modifies the lock so that they can compromise it? An…
…
continue reading
1
Bill Buchanan - My Bluffer’s Guide to Spin-out Success
11:06
11:06
Play later
Play later
Lists
Like
Liked
11:06
I often get asked about what makes a successful university spin-out, so here are my observation for any budding academic team looking to spin out: You need a solid academic base. A PhD programme is often an excellent base for a spin-out, as it involves three or more years of extensive study into every aspect of a given field. This involves both a m…
…
continue reading