Microsoft’s Azure Key Vault Managed HSM allows customers to safeguard their cryptographic keys for their cloud applications and be standards-compliant. It is a highly available, fully managed, single-tenant cloud service that uses FIPS 140-2 Level 3 validated hardware security modules (HSMs). Here we will discuss the reasons why customers who have a centrally managed key management system on-premises in their data center should use a hosted HSM for managing their keys in the MS Azure Key Vault.

This article looks at some reasons for popularity of the IBM mainframe platform in the banking sector and touches upon its limitation for cross-vendor encryption and key management.

Among all the various key block formats, the TR-34 format is undoubtedly one of the most sophisticated formats.

The TR-34 norm is an implementation of the X9.24-2 norm. It proposes a realistic and efficient way of exchanging symmetric keys using asymmetric cryptography. This is basically a certificate-based Remote Key Loading (RKL) protocol. 

This article explains the four primary cloud KMS pattern combinations and which are best suited for use with Cryptomathic’s Key Management System (CKMS).

Bring your own key (BYOK) is a popular term relating to key management for cloud applications. However, a lack of standardization makes it confusing to understand the various meanings that exist under bring your own key. To help understand this, the Cloud Security Alliance (CSA) in its document “Key Management in Cloud Services” has been helpful in describing the various meanings and concepts surrounding “Bring Your Own Key.”

This article proposes a few answers to a series of frequently asked questions (FAQs) about key blocks and their use with PCI.

This article proposes answers to a series of frequently asked questions (FAQs) about key blocks.

As part of the global drive for digital transformation, legally binding digital signatures are at the forefront of many businesses’ ambitions to provide an enhanced and complete digital customer journey. Even though most people can understand the general concept of digital signatures, reaching the highest level of assurance with a Qualified Electronic Signature contains quite a few things to consider.

Here we provide a high-level comparison between Cryptomathic Signer and other eIDAS remote signing solutions available in the market.

One aspect of key management is dealing with what happens when a symmetric cryptographic key is no longer needed. The section ‘Key Replacement, Destruction and Archiving’ within ANSI X9.24-1-2017 explains what needs to happen.