Achieving Agile Cryptography Management with Crypto Service Gateway (CSG)

CSG helps you realize business-agile and efficient crypto services, with central control of security policy and crypto hardware. In this article, we will look at some of the uses cases that address common crypto headaches whilst generating a strong return on investment.

Read more

Symmetric Key Encryption - why, where and how it’s used in banking

In today’s cyber-world there is an ever-present risk of unauthorized access to all forms of data. Most at risk is financial and payment system data that can expose the personal identifying information (PII) or payment card details of customers and clients. Encryption is crucial for protecting PII and mitigating the risks that businesses which conduct payment transactions face every minute of every day.

In this article we will talk about symmetric encryption in banking, its advantages and some challenges of managing the keys.

Read more

What is Quantum Computing and how does it relate to today’s Cryptography Infrastructure Investments

The rise of quantum computing is expected to have significant impacts on both financial and technological considerations when evaluating infrastructure expansion and upgrades. Quantum computing is still being developed but gets closer to reality every day. Here we look at the high level impacts of quantum computing in relation to cryptographic infrastructure.

Read more

What is a Crypto-Abstraction Layer?

A crypto-abstraction layer (CAL) is, in its most general sense, an application programming interface (API) - also known as a library- that hides cryptographic details from program developers that they don’t need to know about (such as the brand of hardware they are using for their source of random numbers). They are essential in the world of InfoSec because those who are expert developers are not usually expert cryptographers or even security personnel and so they need all the help they can get when it comes to implementing cryptography.

Read more

The benefits of an automated and centralized key management system

The aim of this article is inform you on how to implement proper key management and to answer 3 important questions regarding centralized and automated key management:

  1. What is Centralized Key Management?
  2. How can a centralized system help meet regulatory compliance?
  3. How can automation further improve the life cycle management of keys?
Read more

What is Crypto-Agility?

Crypto-agility, or cryptographic agility, is the capacity for an information security system to adopt an alternative to the original encryption method or cryptographic primitive without significant change to system infrastructure. NIST guidelines state “maintaining crypto agility is imperative” to prepare for the quantum computing era. Crypto-agility may be achieved through the adoption of new frameworks for incident response and application development, as well as the acquisition of a service software layer to facilitate crypto-agility in legacy applications.

Read more

3DES is Officially Being Retired

According to draft guidance published by NIST on July 19, 2018, the Triple Data Encryption Algorithm (TDEA or 3DES) is officially being retired. The guidelines propose that, after a period of public consultation, 3DES is deprecated for all new applications and usage is disallowed after 2023.

Read more

Quantum Computing and its Impact on Cryptography

“Quantum computing” is computation performed using a computing device based on the strange, counter-intuitive physical properties of matter at very small scale, known as quantum mechanics.

Read more

How To Solve The Biggest Problems With Key Management

Cryptographic keys are used to secure data-at-rest and data-in-transit. Trying to keep them protected yet always available for use is one of the most difficult problems in practical cryptography. Improper key management can lead to key leakage, where an attacker obtains the key and recovers the sensitive messages from the encrypted data.


This article discusses the key management problems and Cryptomathic's approach to solving the challenges faced by large organizations that use cryptography for variety of applications.

Read more