Peter Smirnoff (guest)

Peter is an internationally active cryptography scientist. Peter has a long experience in Cryptography, both in industry and research. Peter has worked on the Windows Crypto API, OpenSSL, digital signatures, X 509 Certificates etc. He has profound implementation experience with PKCS-11 smart-cards as well on Linux and Windows platforms.

Summary of the Practical Key Management Challenges Behind Symmetric Cryptography in Financial Institutions 

This article addresses some of the challenges of symmetric cryptography as applied in banks, describing how it works and what are its unbeaten advantages as opposed to asymmetric cryptography.

Read more

The private life of private keys

A private cryptographic key is an extremely sensitive piece of information, and requires a whole set of special security measures to protect it. This article outlines some problems with key management relating to the life cycle of private cryptographic keys. There are many types of cryptographic keys; each type has own inherent challenges. Here, we outline some of the challenges we meet when managing the life cycle of asymmetric cryptographic keys and pairs.

Read more

Cryptographic Operations - Best Practices To Make Your System Secure

This article outlines cryptographic operations and best practices you should follow to make your applications or systems secure.

Read more

Manual vs. Automated Key Management

This article evaluates and compares manual and automated cryptographic key management. It looks at security-related issues as well as organizational and economic aspects.

Read more

Harmonizing digitally signed data between Russia and the EU - a Russian Perspective

This article discusses why cryptographically protected data exchange between the EU and Russia (and other countries) is still difficult to implement.

Read more

Understanding Hardware Security Modules (HSMs)

 Some time ago, I consulted a bank about their cryptography and security processing system, which was painstakingly slow. After one week of trying to find the problem, I looked at the cryptographic subsystem, which used Windows Crypto API and a certified CSP.

Read more