POPULARITY
3 episodes with richard moulds
3 episodes with richard moulds
3 episodes with richard moulds
3 episodes with richard moulds
2 episodes with richard moulds
2 episodes with richard moulds
2 episodes with richard moulds
The Six Five On the Road at AWS re:Invent 2022. Patrick Moorhead and Daniel Newman sit down with Richard Moulds, GM of Amazon Braket, AWS. Their discussion covers: What is Amazon Braket? How Amazon Braket is driving education and adoption within Quantum computing The role of classical computing in accelerating the development of Quantum The future of Amazon Braket within the Quantum community
What is the current state of quantum computers, and what developments can we expect in the coming years? We talk with Richard Moulds, General Manager of AWS Bracket on the applications of quantum computers in coming years as well as how organizations are tapping into their capabilities today. He also shares how he sees quantum computing playing out, and how the democratization of the technology could make quantum computing available for all. From our Entrust Engage podcast's Post Quantum Cryptography series, originally posted in July 2022.
In this episode, Richard Moulds, General Manager of AWS Braket, discusses the current state of quantum computers. What developments we can expect in the coming years, what are the challenges, what are the applications, and how are organizations tapping into their capabilities now and in the future? Richard provides engaging insight into how he sees it playing out and how we might achieve the democratization of quantum computing making it available for all.
Quantum computing is easy to access thanks to services like Amazon Braket. But how long does it take to apply one of these systems to a real-world use case? Sometimes months. Amazon partner Quantum Computing, Inc. (QCI) has launched Qatalyst API to shorten development time on some types of quantum coding … to under a week! Join Konstantinos Karagiannis, host of The Post-Quantum World, for a chat about how Richard Moulds and Amazon are preparing for the future of high-performance quantum computing, and how Bob Liscouski and QCI are ensuring we have the code to put those systems to amazing use.For more information on Amazon Braket, visit aws.amazon.com/braket.For more information on QCI, visit www.quantumcomputinginc.com.Visit Protiviti at www.protiviti.com/postquantum to learn more about how Protiviti is helping organizations get post-quantum ready.Follow host Konstantinos Karagiannis on Twitter and Instagram: @KonstantHacker Theme song by David Schwartz, copyright 2021.
Foodservice consultant Richard Moulds talks about how people's expectations around food are changing and what that means for owners of commercial real estate. He describes a diverse set of examples, including a massive hotel development in London, a garden center in Scotland, and a leisure center in Zaragoza, Spain. Download the Global Foodservice Trends report: http://bit.ly/jllfood Richard Moulds is a Director Foodservice Consulting for JLL. James Cook is the Director of Retail Research in the Americas for JLL. Subscribe: Apple Podcasts | Spotify | Android Listen: WhereWeBuy.show Alexa: Say "Enable the Where We Buy skill" Tweet: @JamesDCook Email: jamesd.cook@am.jll.com Instagram: @jamcoo Leave a message on the Where We Buy hotline. We may use it on an upcoming show. Call (602) 633-4061 Theme music is Run in the Night by The Good Lawdz, under Creative Commons license.
Richard Moulds, General Manager of Whitewood Security, makes his triumphant return to the show! Full Show Notes: https://wiki.securityweekly.com/Episode535 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly
Richard Moulds, General Manager of Whitewood Security, makes his triumphant return to the show! Full Show Notes: https://wiki.securityweekly.com/Episode535 Subscribe to our YouTube channel: https://www.youtube.com/securityweekly Visit our website: http://securityweekly.com Follow us on Twitter: https://www.twitter.comsecurityweekly
Richard Moulds of Whitewood Security and Gadi Evron of Cymmetria join us for interviews, and Tim Medin of the SANS Institute delivers a tech segment on this episode of Paul’s Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode535 Visit https://www.securityweekly.com for all the latest episodes! →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly
Richard Moulds of Whitewood Security and Gadi Evron of Cymmetria join us for interviews, and Tim Medin of the SANS Institute delivers a tech segment on this episode of Paul’s Security Weekly! Full Show Notes: https://wiki.securityweekly.com/Episode535 Visit https://www.securityweekly.com for all the latest episodes! →Visit our website: https://www.securityweekly.com →Follow us on Twitter: https://www.twitter.com/securityweekly →Like us on Facebook: https://www.facebook.com/secweekly
Richard Moulds has more than 18 years experience in the security industry with a specific focus on cryptography. Richard joins us to discuss the ROCA crypto bug! Full Show Notes: https://wiki.securityweekly.com/ES_Episode66 Visit http://securityweekly.com/esw for all the latest episodes!
Richard Moulds has more than 18 years experience in the security industry with a specific focus on cryptography. Richard joins us to discuss the ROCA crypto bug! Full Show Notes: https://wiki.securityweekly.com/ES_Episode66 Visit http://securityweekly.com/esw for all the latest episodes!
Richard Moulds of Whitewood Security joins us to discuss the return of the ROCA crypto bug. In the news, Tanium expands their security platform, Carbon Black and IBM team up for a rapid response tool, improved container threat detection from StackRox, Illusive Networks introduces new mainframe deception, and more on this episode of Enterprise Security Weekly!Full Show Notes: https://wiki.securityweekly.com/ES_Episode66 Visit https://www.securityweekly.com/esw for all the latest episodes!
Richard Moulds of Whitewood Security joins us to discuss the return of the ROCA crypto bug. In the news, Tanium expands their security platform, Carbon Black and IBM team up for a rapid response tool, improved container threat detection from StackRox, Illusive Networks introduces new mainframe deception, and more on this episode of Enterprise Security Weekly!Full Show Notes: https://wiki.securityweekly.com/ES_Episode66 Visit https://www.securityweekly.com/esw for all the latest episodes!
Up until now, random numbers have actually been anything but. And if you need entropy in your workflow, that's not ideal. Don Pezet talks to Richard Moulds of Whitewood Security about how they've changed the encryption game.
Up until now, random numbers have actually been anything but. And if you need entropy in your workflow, that's not ideal. Don Pezet talks to Richard Moulds of Whitewood Security about how they've changed the encryption game.
Up until now, random numbers have actually been anything but. And if you need entropy in your workflow, that's not ideal. Don Pezet talks to Richard Moulds of Whitewood Security about how they've changed the encryption game.
Up until now, random numbers have actually been anything but. And if you need entropy in your workflow, that's not ideal. Don Pezet talks to Richard Moulds of Whitewood Security about how they've changed the encryption game.
Up until now, random numbers have actually been anything but. And if you need entropy in your workflow, that's not ideal. Don Pezet talks to Richard Moulds of Whitewood Security about how they've changed the encryption game.
Up until now, random numbers have actually been anything but. And if you need entropy in your workflow, that's not ideal. Don Pezet talks to Richard Moulds of Whitewood Security about how they've changed the encryption game.
In this episode of IoT Time Podcast, Ken Briodagh, editorial director at IoT Evolution (iotevolutionworld.com), sits down with Richard Moulds, General Manager, Whitewood (whitewoodsecurity.com), to talk about IoT data management, security and encryption. This episode is sponsored by IoT Evolution Presents: Enterprise Implementations at Mobile World Congress Americas (mwcamericas.com/events/partner-pr…e-implementations) on September 14 at the Moscone Center in San Francisco. To Join us or sponsor, send me a message. We are also sponsored by "IoT Time: Evolving Trends in the Internet of Things," a new book by Ken Briodagh about the ongoing influences shaping the IoT. To get a digital copy, download it here for free (www.iotevolutionworld.com/iot-ebook.aspx). A print edition is also available on Amazon for $14.99. To become a sponsor of IoT Time, please email kbriodagh@tmcnet.com or tweet @KenBriodagh.
Richard Moulds is the General Manager of Whitewood Security. Whitewood aims to help its customers to take control of the generation of random numbers across their application infrastructure. Full Show Notes: https://wiki.securityweekly.com/Episode527 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly
Richard Moulds is the General Manager of Whitewood Security. Whitewood aims to help its customers to take control of the generation of random numbers across their application infrastructure. Full Show Notes: https://wiki.securityweekly.com/Episode527 Subscribe to YouTube Channel: https://www.youtube.com/channel/UCg--XBjJ50a9tUhTKXVPiqg Security Weekly Website: http://securityweekly.com Follow us on Twitter: @securityweekly
Richard Moulds of Whitewood Security joins us, Larry delivers a surprise technical segment, and we discuss the latest security news! Full Show Notes: https://wiki.securityweekly.com/Episode527 Visit https://www.securityweekly.com for all the latest episodes!
Richard Moulds of Whitewood Security joins us, Larry delivers a surprise technical segment, and we discuss the latest security news! Full Show Notes: https://wiki.securityweekly.com/Episode527 Visit https://www.securityweekly.com for all the latest episodes!
The O’Reilly Security Podcast: Randomness, our dependence on entropy for security and privacy, and rating entropy sources for more effective encryption.In this episode, I talk with Richard Moulds, vice president of strategy and business development at Whitewood Encryption. We discuss whether random number generation is as random as some might think and the implications that has on securing systems with encryption, how to harness entropy for better randomness, and emerging standards for evaluating and certifying the quality of entropy sources.Here are some highlights: Randomness: The linchpin of encryption When people think about cryptography, which is a broad subject, they tend to think about encryption. They think about the algorithms we use to encrypt our data, the keys we use, and how to keep these keys secret. A key is just a random number. Generally speaking, crypto in encryption applications gets these random numbers from the operating system. There are standard calls that you can make as a software developer to get a random number. We're focused on researching how good operating systems are at actually generating random numbers. If random numbers stop being truly random, then keys become predictable and the value proposition of encryption and cryptography in general fades away. It starts to become a real issue as attackers get even stronger computers, notably quantum computers, which would make it devastatingly easy to break the crypto in encryption algorithms. These algorithms—essentially pseudorandom number generators—have been defined and certified for years, but they’re dependent on the availability of entropy. A few hundred bits of perfect randomness can be used by a pseudorandom number generator to generate hundreds of megabits or gigabits of actual random numbers that might be consumed by applications. Provided they can find entropy in the real world somewhere, the algorithms can use that to randomize their internal random number generators. Think of it like a pack of playing cards. You've got the process of dealing a pack of cards, and you've got the process of shuffling a pack of cards. The pseudorandom number generators in the operating system like Linux, for example, are the process of dealing the deck of cards. Entropy is the process of shuffling that deck of cards, randomizing the pseudorandom number generators that are in the operating system. Programming entropy into secure systems: A necessary oxymoron Entropy is fundamentally a physical property, a measure of randomness reflected in the physical world. Hardware developers and system architects have been trying to find ways of scavenging random entropy from existing sources because entropy doesn’t naturally exist in the digital world, where everything is programmed. Potential sources are everywhere, though quality varies. For example, you could calculate the entropy in the text of Romeo and Juliet and find that it has some entropy—although not very much—because it's using English words that have certain grammatical instructions and a plot that makes some sense. But entropy in the Chinese language is three times as high as entropy in English just because of the way the characters are calculated and strung together to form sentences. Everything's got entropy; the question is how you can find a source of randomness that is unpredictable and can be kept secret from attackers. For the systems that we have today, we derive entropy from things like the timing between keystrokes on the keyboard, mouse movements, the arrival of packets on a network, or the timing jitter for processes running on the CPU. None of these are perfectly random. They’re not periodic, and they’re not completely predictable, but they have some entropy. That calls into question several things: how good are these sources? How good's that distillation process? What happens if these sources dry up? Your phone has a radio antennae and a keyboard and a gyroscope and location detectors and cameras and microphones—all manner of potential entropy sources—but the issue is, when you start running crypto applications for that phone in a data center, particularly a virtualized data center, there's not much going on: no users, no noise, not even a hard drive. Worse still, if you snapshot a virtual machine and make one hundred copies to scale out a web server, then each virtual machine would have the same randomness that exists in that one particular instance. You’d actually end up replicating whatever minimal levels of entropy existed across these virtual machines, thereby undermining the randomness and, thus, the encryption. When random isn’t as random as we think Developers have generally assumed that the operating system can scavenge enough entropy to do its job when making random numbers. Very few people worry about this issue. If you think about an IT stack, you’ve got a developer who writes applications, you've got an operating system, you’ve got the physical hardware, and you’ve got the physical environment. It's fine if somebody owns that whole stack and can point cameras at lava lamps or put up microphones to capture background noise and can build a system that has sufficient entropy. It sounds funny, but people have tried all manner of crazy things to scavenge randomness. That's okay as long as you're in control of that whole system, because when you’re not, eventually your keys can start to become predictable. The issue is that, unfortunately, you can't measure the quality of your random numbers. If you could measure the output of /dev/urandom and say, "Okay, this number's good—you should use it. This number's not so good—you shouldn't use it," that would be fine, but it's not possible to do that. All a developer can do (when they don’t control the full stack) is just consume what's being delivered. There are horror stories of various studies that have tested for the reuse and duplication of keys on the internet. Even though in principle, with the length of keys that we use in modern systems, the chances should be infinitesimal that you'd ever see the same key twice, these studies have found millions of keys that are the same. Improving the status quo: NIST standards for entropy sources Years ago, the National Institute of Standards and Technology (NIST) standardized pseudorandom number generators because they're just algorithms. If you know what number you put on the input side, you can predict what number you get on the output side. Those have been around as standardized and certified for years. But the difficulties in measuring the quality of entropy sources have made entropy sourcing a tough standard to write. NIST is now on their second draft of a standard, to actually define how to measure the entropy in random number generators and to, ultimately, certify entropy sources as they apply to seeding pseudorandom number generators in operating systems for crypto applications. I think this will be a big step forward. There have been a lot of suggestions that back doors have already been built into systems to weaken random number generators. It turns out the random number generator is one of the perfect places to put a back door because it's essentially undetectable. This NIST standards draft is called SP 800-90B. There's actually a suite of these -90 standards: -90A covers pseudorandom number generators, and that's already out and finished; -90B covers entropy sources; and -90C covers the various architectures for stringing entropy sources and PRNGs together. Once it’s complete, this trio of standards will create a mechanism for certifying products and assigning them an entropy score, like a car’s average miles per gallon. The entropy score will give security architects and system administrators a way to measure the quality of their cryptosystems and the ability to attest that the encryption and key generation that's happening in their environment is up to grade.
The O’Reilly Security Podcast: Randomness, our dependence on entropy for security and privacy, and rating entropy sources for more effective encryption.In this episode, I talk with Richard Moulds, vice president of strategy and business development at Whitewood Encryption. We discuss whether random number generation is as random as some might think and the implications that has on securing systems with encryption, how to harness entropy for better randomness, and emerging standards for evaluating and certifying the quality of entropy sources.Here are some highlights: Randomness: The linchpin of encryption When people think about cryptography, which is a broad subject, they tend to think about encryption. They think about the algorithms we use to encrypt our data, the keys we use, and how to keep these keys secret. A key is just a random number. Generally speaking, crypto in encryption applications gets these random numbers from the operating system. There are standard calls that you can make as a software developer to get a random number. We're focused on researching how good operating systems are at actually generating random numbers. If random numbers stop being truly random, then keys become predictable and the value proposition of encryption and cryptography in general fades away. It starts to become a real issue as attackers get even stronger computers, notably quantum computers, which would make it devastatingly easy to break the crypto in encryption algorithms. These algorithms—essentially pseudorandom number generators—have been defined and certified for years, but they’re dependent on the availability of entropy. A few hundred bits of perfect randomness can be used by a pseudorandom number generator to generate hundreds of megabits or gigabits of actual random numbers that might be consumed by applications. Provided they can find entropy in the real world somewhere, the algorithms can use that to randomize their internal random number generators. Think of it like a pack of playing cards. You've got the process of dealing a pack of cards, and you've got the process of shuffling a pack of cards. The pseudorandom number generators in the operating system like Linux, for example, are the process of dealing the deck of cards. Entropy is the process of shuffling that deck of cards, randomizing the pseudorandom number generators that are in the operating system. Programming entropy into secure systems: A necessary oxymoron Entropy is fundamentally a physical property, a measure of randomness reflected in the physical world. Hardware developers and system architects have been trying to find ways of scavenging random entropy from existing sources because entropy doesn’t naturally exist in the digital world, where everything is programmed. Potential sources are everywhere, though quality varies. For example, you could calculate the entropy in the text of Romeo and Juliet and find that it has some entropy—although not very much—because it's using English words that have certain grammatical instructions and a plot that makes some sense. But entropy in the Chinese language is three times as high as entropy in English just because of the way the characters are calculated and strung together to form sentences. Everything's got entropy; the question is how you can find a source of randomness that is unpredictable and can be kept secret from attackers. For the systems that we have today, we derive entropy from things like the timing between keystrokes on the keyboard, mouse movements, the arrival of packets on a network, or the timing jitter for processes running on the CPU. None of these are perfectly random. They’re not periodic, and they’re not completely predictable, but they have some entropy. That calls into question several things: how good are these sources? How good's that distillation process? What happens if these sources dry up? Your phone has a radio antennae and a keyboard and a gyroscope and location detectors and cameras and microphones—all manner of potential entropy sources—but the issue is, when you start running crypto applications for that phone in a data center, particularly a virtualized data center, there's not much going on: no users, no noise, not even a hard drive. Worse still, if you snapshot a virtual machine and make one hundred copies to scale out a web server, then each virtual machine would have the same randomness that exists in that one particular instance. You’d actually end up replicating whatever minimal levels of entropy existed across these virtual machines, thereby undermining the randomness and, thus, the encryption. When random isn’t as random as we think Developers have generally assumed that the operating system can scavenge enough entropy to do its job when making random numbers. Very few people worry about this issue. If you think about an IT stack, you’ve got a developer who writes applications, you've got an operating system, you’ve got the physical hardware, and you’ve got the physical environment. It's fine if somebody owns that whole stack and can point cameras at lava lamps or put up microphones to capture background noise and can build a system that has sufficient entropy. It sounds funny, but people have tried all manner of crazy things to scavenge randomness. That's okay as long as you're in control of that whole system, because when you’re not, eventually your keys can start to become predictable. The issue is that, unfortunately, you can't measure the quality of your random numbers. If you could measure the output of /dev/urandom and say, "Okay, this number's good—you should use it. This number's not so good—you shouldn't use it," that would be fine, but it's not possible to do that. All a developer can do (when they don’t control the full stack) is just consume what's being delivered. There are horror stories of various studies that have tested for the reuse and duplication of keys on the internet. Even though in principle, with the length of keys that we use in modern systems, the chances should be infinitesimal that you'd ever see the same key twice, these studies have found millions of keys that are the same. Improving the status quo: NIST standards for entropy sources Years ago, the National Institute of Standards and Technology (NIST) standardized pseudorandom number generators because they're just algorithms. If you know what number you put on the input side, you can predict what number you get on the output side. Those have been around as standardized and certified for years. But the difficulties in measuring the quality of entropy sources have made entropy sourcing a tough standard to write. NIST is now on their second draft of a standard, to actually define how to measure the entropy in random number generators and to, ultimately, certify entropy sources as they apply to seeding pseudorandom number generators in operating systems for crypto applications. I think this will be a big step forward. There have been a lot of suggestions that back doors have already been built into systems to weaken random number generators. It turns out the random number generator is one of the perfect places to put a back door because it's essentially undetectable. This NIST standards draft is called SP 800-90B. There's actually a suite of these -90 standards: -90A covers pseudorandom number generators, and that's already out and finished; -90B covers entropy sources; and -90C covers the various architectures for stringing entropy sources and PRNGs together. Once it’s complete, this trio of standards will create a mechanism for certifying products and assigning them an entropy score, like a car’s average miles per gallon. The entropy score will give security architects and system administrators a way to measure the quality of their cryptosystems and the ability to attest that the encryption and key generation that's happening in their environment is up to grade.
There was no shortage of new and innovative technology on display at the RSA conference. We sat down with industry innovators to get their perspectives. In this RSA special edition, we’ll hear from Lance Cotrell, Chief Scientist at Ntrepid about their secure browser technology. Emily Mossberg is from Deloitte Advisory Cyber Risk Services, and she’ll give us her perspective on emerging trends in cyber risk management. Oliver Friedrichs is the CEO of Phantom, who were the winners of this year’s RSA Sandbox competition. He stresses the importance of automation. Richard Moulds from Whitewood Encryption Systems tells us about their true random number generation and delivery system, And finally, Vikram Sharma from Quintessence Labs, who’s flagship Trusted Security Foundation aims to centralize the management of encrypted keys.
© 2020-2025 Ivy Podcast Discovery LLC
