Claim OwnershipRoot Causes: A PKI and Security Podcast
Subscribed: 60Played: 5,050
Subscribe
© All rights reserved
Description
Digital certificate industry veterans Tim Callan and Jason Soroko explore the issues surrounding digital identity, PKI, and cryptographic connections in today's dynamic and evolving computing world. Best practices in digital certificates are continually under pressure from technology trends, new laws and regulations, cryptographic advances, and the evolution of our computing architectures to be more virtual, agile, ubiquitous, and cloud-based. Jason and Tim (and the occasional guest subject matter expert) will help you stay current on developments in this essential technology platform and to understand the whys and wherefores of popular Public Key Infrastructures.
568 Episodes
Reverse
Senior cyber security advisor Chris McGrath joins us to discuss redefining digital certificates and their role in your organizational security profile, increasing regulation of certificates, and how enterprises can up their certificate game.
We name the ten enterprise environments and use cases that are most likely to be late adopters of post quantum cryptography (PQC).
We discuss the foundational importance of time in PKI and security in general. This includes when things happen, the order in which things happen, and attacks based on time-spoofing. We drill down on certificates, roots, timestamping, Certificate Transparency, patching, audits, and PQC.
In our concluding episode on the topic, we scrutinize arguments make for and against QWACs, this time focused on "compliance and interoperability."
In our second of three episodes on the topic, we scrutinize arguments make for and against QWACs, this time focused on "governance and sovereignty."
As a follow up to our episode 546, we break down the first of three sets of arguments about QWACs and examine their level of validity.
You may have heard of side channel attacks. Now Jason explains what a side oracle attack is and how a side oracle attack in conjunction with AI could be effective against the HQC or Falcon PQC algorithms.
One of the NIST Round 3 PQC finalists that was never selected or eliminated is Classic McEliece. In this episode we explain in non-math terms how this algorithm works.
Continuing our examination of AI in 1000 days, we discuss the use of finely tuned small language models for highly specific use cases.
We discuss what happens when the quality gap between AI-generated and human-generated content drops to zero. We explore the consequences of this inevitable outcome.
In our ongoing series on what AI will look like in 1000 days, we discuss the spread of a new business process, where AIs do the bulk of the work while humans sit in the loop for certain specific tasks and roles.
Following up on our list of top 5 PQC vanguards, in this episode we detail the top 5 PQC laggards.
We describe the top five technology categories that are on the vanguard of driving PQC adoption. We describe what these categories have in common and how that results in early adoption of post quantum cryptography.
We detail the top ten groups inside the organization who introduce rogue certificates into IT organizations.
Tech watchers tend to conflate the many quantum technologies under development right now. In this episode we go through these technologies and explain how they connect.
We discuss quantum clocks and their potential role in cryptography.
We share our PKI predictions for 2026. Topics include PQC, eIDAS 2, CT logging, ACME, passkeys, CA distrust, AI model poisoning, and new attack vectors.
Jason explores the role cryptography and trust systems play in the command and control of groups of autonomous drone systems.
Certificate maximum term is shrinking. In this episode we examine exactly how short they could get.
In our ongoing series on AI in 1000 days, we describe the inevitable, complete distrust of voice printing as an authentication method, including why and what we think will happen.
Comments
Download from Google Play
Download from App Store
United States