The Need for a Crypto Abstraction Layer: Utilizing HSMs with Greater Efficiency and Agility

With increasingly tough security and privacy regulations, the use of cryptography is exploding in the modern enterprise. Hardware security modules (HSMs) provide the highest standard of security and compliance, but they are difficult to use and often deployed in silos, complicating compliance and hindering crypto-agility. As competitive pressures intensify, how can cryptography be turned into an enabler of business agility and digital transformation?

Read more

Symmetric Encryption Algorithms - Their Strengths and Weaknesses, and the Need for Crypto-Agility

In this article, the second in a 3-part series on symmetric key encryption technology, we look at the development of symmetric key encryption algorithms and the range of algorithms available today along with their strengths and weaknesses, as well as the importance of crypto-agility.

Read more

Steps to reach crypto agility to get prepared for quantum computing

As the scientific community continues to push towards achieving quantum computing on a mass scale, smart companies are busy making preparations for this inevitability. While scientists disagree on whether its 5 years away or 20 (or more), the reality is that the amount of time that organizations have to prepare is quickly slipping away. These preparations go far beyond just planning for new infrastructure investments. This is especially true when it comes to the use of cryptography and crypto keys. Whether you are just beginning to plan for the quantum future or are well down the path, here are three important steps that will help you achieve crypto-agility and prepare yourself for quantum computing.

Read more

Achieving Agile Cryptography Management with Crypto Service Gateway (CSG)

CSG helps you realize business-agile and efficient crypto services, with central control of security policy and crypto hardware. In this article, we will look at some of the uses cases that address common crypto headaches whilst generating a strong return on investment.

Read more

What is Quantum Computing and how does it relate to today’s Cryptography Infrastructure Investments

The rise of quantum computing is expected to have significant impacts on both financial and technological considerations when evaluating infrastructure expansion and upgrades. Quantum computing is still being developed but gets closer to reality every day. Here we look at the high level impacts of quantum computing in relation to cryptographic infrastructure.

Read more

What is a Crypto-Abstraction Layer?

A crypto-abstraction layer (CAL) is, in its most general sense, an application programming interface (API) - also known as a library- that hides cryptographic details from program developers that they don’t need to know about (such as the brand of hardware they are using for their source of random numbers). They are essential in the world of InfoSec because those who are expert developers are not usually expert cryptographers or even security personnel and so they need all the help they can get when it comes to implementing cryptography.

Read more

The benefits of an automated and centralized key management system

The aim of this article is inform you on how to implement proper key management and to answer 3 important questions regarding centralized and automated key management:

  1. What is Centralized Key Management?
  2. How can a centralized system help meet regulatory compliance?
  3. How can automation further improve the life cycle management of keys?
Read more

What is Crypto-Agility?

Crypto-agility, or cryptographic agility, is the capacity for an information security system to adopt an alternative to the original encryption method or cryptographic primitive without significant change to system infrastructure. NIST guidelines state “maintaining crypto agility is imperative” to prepare for the quantum computing era. Crypto-agility may be achieved through the adoption of new frameworks for incident response and application development, as well as the acquisition of a service software layer to facilitate crypto-agility in legacy applications.

Read more

3DES is Officially Being Retired

According to draft guidance published by NIST on July 19, 2018, the Triple Data Encryption Algorithm (TDEA or 3DES) is officially being retired. The guidelines propose that, after a period of public consultation, 3DES is deprecated for all new applications and usage is disallowed after 2023.

Read more