Never in the history of humankind have we advanced so fast. In just 40 years, we have built a new era and have said goodbye to the industry age. But will our future be an amazing world of opportunity where every citizen has the same opportunity as any other, or will we end up in a 1984 Big Brother world? At the core of this is the debate around privacy. Bruce Schneier sees this as a core element in building our digitally focused societies: “Privacy is an inherent human right, and a requirement f...
Jul 17, 2023•55 min•Season 2Ep. 11
We live in a strange world of cybersecurity. An auditor might ask a company if they encrypt their data? And the company may reply that they do, and so the auditor would tick that off. But encryption does not just involve the privacy of data; it also involves integrity checking and setting up digital trust. Along with this, there are many ways to implement methods, including key derivation, public key integration, hashing methods, and encryption modes. And, so, last week I outlined how some AES m...
Jul 17, 2023•16 min•Season 2Ep. 6
In cybersecurity, you get those who pedal snake oil, and others that just try to scare you. The gap is that the advice is not given in an educated way , and basically just scares people (or gets them to buy the latest security product). These days, the chances of someone cracking your password from a hashed version is likely to be minimal. For one, the chances of getting access to the hashed version of a password is extremely low , and for two, the password is typically stored in a way that will...
Jul 17, 2023•16 min•Season 2Ep. 7
The worm is turning! C and C++ have ruled the core of our digital world for a long time and still do. But, they do not handle memory well, where we get buffer overflows (Morris Worm, SQL Slammer, and so many more) or buffer underflows (Heartbleed). This can involve a stack overflow attack , and where the program writes too much data to the stack that has been allocated for a given buffer, and for a heap overflow attack , where we overrun the memory into a space that is not allocated for a buffer...
Jul 17, 2023•16 min•Season 2Ep. 7
We are human, and, like it or not, we lie. Why? Because we might not want to admit to some truth, or where we might want to seem knowledgeable. It is a human attribute, and it defines us. Overall, our intelligence weighs up the cost and reward and makes a decision as to whether we should tell the truth or not. Ask a child about who eat a biscuit, and there’s a chance they will lie because they do not want the punishment or do not want to tell tales about their friend. And so, as we go through ou...
Jul 17, 2023•16 min•Season 2Ep. 8
I receive a good deal of incorrect emails on my Gmail account. Most of it relates to the gathering of war veterans in the US or church events in Illinois that I must attend. Why? Because someone, somewhere, has a similar email address to me. Perhaps it is Bill Buchan or Will Buchanan? Who knows, but I get them constantly, and where I discretely decline the invite and ask them to check the email address. Overall, I never embarrass those who send me these emails by responding back to the whole gro...
Jul 17, 2023•16 min•Season 2Ep. 9
Rock singers often say that it was their adversity that drove them to create their classics, such as heartache, sorrow, or losing something in their lives. And, so, we might quote: Sweet are the uses of adversity — William Shakespeare One such person who had considerable adversity is Leonhard Euler and who lived from 1707 to 1783. Leonhard was truly one of the greatest minds who has ever graced this planet: “Read Euler, read Euler, he is the master of us all” — Pierre-Simon Laplace But, he suffe...
Jul 17, 2023•16 min•Season 2Ep. 9
So while there is much debate around people like Tim Berners-Lee and Vint Cerf, we should also include “The Editor of the Internet”: Jon Postel. Jon was born on 6 August 1943 and died in October 1998. Even up to his death, he was the editor of the Request for Comment (RFC) documents and administered the Internet Assigned Numbers Authority (IANA). In 2012, he was inducted into the Internet Hall of Fame by the Internet Society, and the foundation he has left is as strong as any foundation ever cre...
Jul 17, 2023•16 min•Season 2Ep. 10
Preface We should all have a magic switch that pushes aside our worries and replaces them with something that takes our woes away. So, when I’ve had a long and tiring day, and there are things buzzing in my head — I don’t count sheep, I ponder the wonder of discrete logarithms, and in the magical ways they have solved our many online security. It relaxes me and pushes out all of those academic stresses. This academic year, we were so lucky to speak to some of the people who properly built the fo...
Jul 17, 2023•16 min•Season 2Ep. 11
I love wireless (wi-fi) communications. In fact, I did my PhD around the propagation of radio waves using Maxwell’s equations. The beauty and perfection of radio waves will never leave me. The first thing you often learn about wifi is how the frequency of the wave relates to its wavelength (lambda=speed of light divided by the frequency) and how dipole antennas have to be around half a wavelength long. For AM, there are long antennas (such as, with the ones that wrap copper around a core) or can...
Jul 14, 2023•19 min•Season 2Ep. 5
I have a secret. And you have a secret. And together, we can merge our secret into another secret. What I am outlining here is the beauty of the Elliptic Curve Diffie Hellman (ECDH) method, and it is protecting your rights to privacy in the access that you have to this podcast. And what about trust? Well, there’s a chance that the Web site that you are receiving this podcast from is using the ECDSA (Elliptic Curve Digital Signature Algorithm) to verify that you can trust the site. And, so, in th...
Jul 13, 2023•25 min•Season 2Ep. 4
Here Harry McLaren talks with Rich Macfarlane and Bill Buchanan. What's the key to finding a job within Cybersecurity? A balance of technical competencies (networking, OS, services, programming, and so on) and human intelligence (self-awareness, self-regulation, motivation, empathy and social skills). The slides are here . For Splunk/Cyber&Data: here ....
Jul 13, 2023•1 hr 56 min•Season 2Ep. 3
This is a basic introduction to the Building Trust podcast.
Jul 13, 2023•54 min•Season 3Ep. 1
In this episode Professor William Buchanan OBE takes us back through the patents that gave rise to the security for the internet as we know it.
Jul 13, 2023•43 min•Season 1Ep. 5
In this podcast, we will outline some of the design choices that Satoshi Nakamoto made for the hashing of the private key to the public ID, especially on the selection of the two hashing methods of SHA-256 and RIPEMD160.
Jul 13, 2023•17 min•Season 2Ep. 1
So how do we create a world where we can store our secrets in a trusted and then reveal them when required? Let’s say I predict the outcome of an election, but I don’t want to reveal my prediction until after the election. Well, I could store a commitment to my prediction, and then at some time in the future, I could reveal it to you, and you can check against the commitment I have made. Anyone who views my commitment should not be able to see what my prediction is. This is known as Pedersen Com...
Jul 12, 2023•58 min•Season 1Ep. 15
Note: TeamViewer is not a malicious piece of software when normally used. The scammer wanted to install a remote desktop on my machine with it.
Jul 11, 2023•7 min•Season 1Ep. 15
Jean-Philippe (JP) Aumasson is a true innovator in cryptography, and especially in the creation of fast, secure and light-weight hashing methods. He co-designed the BLAKE hashing method [ here ], and which is currently the fastest secure cryptographic hashing function. Along with this, he worked with Daniel J Bernstein on SipHash [ here ], and created the Cryptography Coding Standard. JP also created the Quark light-weight hashing method, and is also the author of "Serious Cryptography: A Practi...
Jul 11, 2023•1 hr 1 min•Season 1Ep. 8
Neal I. Koblitz is a Professor of Mathematics at the University of Washington. He is a co-inventor of Elliptic Curve Cryptography (ECC). His original paper was published in 1987 and entitled "Elliptic curve cryptosystems" [1]. Overall, ECC is one of the greatest breakthroughs in cryptography and which has largely replaced discrete logarithm methods in key exchange and has replaced the RSA method in many applications for digital signing. Overall, elliptic curve methods are now used extensively wi...
Jul 11, 2023•1 hr 14 min•Season 1Ep. 10
In this episode Professor William Buchanan OBE talks with Professor Keith Martin, from the Royal Holloway, about the intersection of information security and academia, privacy and digital footprints.
Jul 11, 2023•48 min•Season 1Ep. 14
In research, we build on the shoulders of giants, and Taher Elgamal is one the giants of cybersecurity. His work on Netscape led to the creation of SSL, and for which much of our Web security is still built on. His paper on "A public key cryptosystem and a signature scheme based on discrete logarithms" is true classic, and has been referenced over 11,600 times. Within the paper, Tahir outlined an encryption method and a digital signature method. His ‘base’ was to take John Napier’s logarithm, an...
Jul 11, 2023•1 hr 11 min•Season 1Ep. 7
In this episode Professor William Buchanan OBE talks with by Dan Shumow, Senior Software Development Engineer in the Security and Cryptography group, about cryptography, RSA and the researcher’s mindset.
Jul 11, 2023•1 hr 14 min•Season 1Ep. 11
Len is a co-creator of the RSA encryption algorithm [1] and received the 2002 Turing Award (often defined as the Nobel Prize of Computer Science). The RSA paper is one of the most significant computer science papers ever published and has received over 25,695 citations. Len is also known for the creation of DNA computing. He is a professor at the University of Southern California and a member of the National Academy of Sciences. [1] Rivest, R. L., Shamir, A., & Adleman, L. (1978). A method f...
Jul 11, 2023•1 hr 3 min•Season 1Ep. 9
In this episode Professor William Buchanan OBE talks with Professor Martin Hellman, a world-renowned cryptologist and a founder of public key encryption, about cryptography and ethics.
Jul 11, 2023•1 hr 2 min•Season 1Ep. 4
In this episode Professor William Buchanan OBE talks with Professor Leonard Adleman, from the University of Southern California, about the endurance of RSA, DNA as a computational substrate and the contention between national security and privacy.
Jul 10, 2023•1 hr 5 min•Season 1Ep. 5
In this episode Professor William Buchanan OBE talks with Professor Alan Woodward from University of Surrey about his illustrious career as a Physicist, Consultant, Researcher and Professor.
Apr 14, 2022•1 hr 14 min•Season 1Ep. 3
In this episode Professor William Buchanan OBE is joined by Nick Sullivan, head of research at Cloudflare, to discuss the mathematics of cryptography, public key encryption, and the implications of quantum computing.
Apr 07, 2022•1 hr 20 min•Season 1Ep. 2
In this Episode Professor William Buchanan OBE talks with Federico Charosky about the past, present and future of the information security industry, what it takes to innovate as an entrepreneur and his view on the intersection between industry and academia.
Mar 31, 2022•50 min•Season 1Ep. 1
