This article is meant to be an introduction to the different types of cryptographic keys that are used to protect digital applications.
This article is meant to be an introduction to the different types of cryptographic keys that are used to protect digital applications.
With the growing need for cryptography to protect digital assets and communications, the ever-present security holes in modern computer systems, and the growing sophistication of cyber attacks, it has never been more important or harder to keep your cryptographic keys safe and secure.
A single compromised key could result in a massive data breach, resulting in reputational damage, punitive regulatory fines, and a loss of investor and customer trust.
A crypto-abstraction layer (CAL) is, in its most general sense, an application programming interface (API) - also known as a library- that hides cryptographic details from program developers that they don’t need to know about (such as the brand of hardware they are using for their source of random numbers). They are essential in the world of InfoSec because those who are expert developers are not usually expert cryptographers or even security personnel and so they need all the help they can get when it comes to implementing cryptography.
In this second installment of a three-part series on symmetric key encryption technology, we look at the evolution of symmetric key encryption algorithms, the variety of algorithms available today, their strengths and weaknesses, and the importance of crypto-agility.
“Quantum computing” is computation performed using a computing device based on the strange, counter-intuitive physical properties of matter at very small scales, known as quantum mechanics.
Crypto-agility, or cryptographic agility, is the capacity for an information security system to adopt an alternative to the original encryption method or cryptographic primitive without significant change to system infrastructure. NIST guidelines state “maintaining crypto agility is imperative” to prepare for the quantum computing era. Crypto-agility may be achieved through the adoption of new frameworks for incident response and application development, as well as the acquisition of a service software layer to facilitate crypto-agility in legacy applications.
According to draft guidance published by NIST on July 19, 2018, the Triple Data Encryption Algorithm (TDEA) or 3DES is officially being retired. The guidelines propose that, after a period of public consultation, 3DES is deprecated for all new applications and usage is disallowed after 2023.
The Payment Card Industry Data Security Standard (PCI DSS) is an information security standard to prevent credit card scams and numerous additional security threats & vulnerabilities.
