Let’s Encrypt – bringing crypto to the masses

https://letsencrypt.org

Let’s Encrypt is a free, automated, and open certificate authority (CA), run for the public’s benefit. Let’s Encrypt is a service provided by the Internet Security Research Group (ISRG).

The key principles behind Let’s Encrypt are:

  • Free: Anyone who owns a domain name can use Let’s Encrypt to obtain a trusted certificate at zero cost.
  • Automatic: Software running on a web server can interact with Let’s Encrypt to painlessly obtain a certificate, securely configure it for use, and automatically take care of renewal.
  • Secure: Let’s Encrypt will serve as a platform for advancing TLS security best practices, both on the CA side and by helping site operators properly secure their servers.
  • Transparent: All certificates issued or revoked will be publicly recorded and available for anyone to inspect.
  • Open: The automatic issuance and renewal protocol will be published as an open standard that others can adopt.
  • Cooperative: Much like the underlying Internet protocols themselves, Let’s Encrypt is a joint effort to benefit the community, beyond the control of any one organization.

There was a talk at 31c3, which you can find here

https://www.youtube.com/watch?v=OZyXx8Ie4pA

Crypto 101

https://www.crypto101.io/

Crypto for everyone:

Crypto 101 is an introductory course on cryptography, freely available for programmers of all ages and skill levels.

Reddit Post

Crypto 101: the presentation

Crypto 101 started as a presentation at PyCon 2013. It tries to go through all of the major dramatis personae of cryptography to make TLS work in 45 minutes. This book is the natural extension of that, with an extensive focus on breaking cryptography.

 

 

Bruce Schneier Talk at MIT: NSA Surveillance and What To Do About It

http://bigdata.csail.mit.edu/node/154

Edward Snowden has given us an unprecedented window into the NSA’s surveillance activities.  Drawing from both the Snowden documents and revelations from previous whistleblowers, this talk describes the sorts of surveillance the NSA conducts and how it conducts it.  The emphasis will be on the technical capabilities of the NSA, and not the politics or legality of their actions.  I will then discuss what sorts of countermeasures are likely to frustrate any nation-state adversary with these sorts of capabilities.  These will be techniques to raise the cost of wholesale surveillance in favor of targeted surveillance: ubiquitous encryption, target dispersal, anonymity tools, and so on.

 

Direct Link here if your Browser has embed  Issues