CRYPTO BLOG

A collection of cryptographic articles and resources

How to Deploy and Manage Cryptography in a Project the Right Way

04. December 2015 by Ashiq JA (guest)

With the ever increasing number of online services and electronic transactions, business owners are becoming ever more dependent on the use cryptography to prevent sensitive information from cyber attackers. Cryptographic implementations are often considered to be a project bottleneck due to its time consuming nature and increasing cost within IT budgets.

In recent years, cryptography has been identified as an area that required further innovation to meet the needs of large businesses. Organizations are facing multiple challenges with the implementation and ongoing maintenance of cryptography on both new and legacy systems. In this article, we present a few recommendations based on Cryptomathic’s approach to simplifying the implementation of cryptography in a project.

Read More

Using a Centralized Key Management System to Enforce Information Security Policies

01. December 2015 by Ashiq JA (guest)

A Key Management System (KMS) must be designed in a manner that supports the goals of each organization using the KMS. The aim of a security policy is to provide a secure working environment for the organization by establishing required security measures, protocols and controls. 

It consists of the rules and requirements by an organization that governs the use of its information and services, and the security level and strategies for protecting the Confidentiality, Integrity, and Availability (CIA) of its information. 

In complex systems policies may be broken down into sub-polices or may have different policies covering different applications or categories of information.

Read More

How to implement efficient Key Management in a Legacy Infrastructure

19. October 2015 by Ashiq JA (guest)

Many banking and finance organizations face challenges during implementation and maintenance of cryptography on both new projects and legacy systems.

Over time, major banking organizations adopted network-based Hardware Security Modules (HSMs) for securing mission-critical infrastructure such as PKI and online transactions.

HSMs are dedicated hardware systems designed to store and manage private and public keys. The significant increase of of HSMs in organizations has led to scalability issues and challenges in managing cryptographic implementations.

In this article, we discuss the various issues and present Cryptomathic’s approach to central key and crypto management that has been adopted by major banks.

Read More

How To Solve The Biggest Problems With Key Management

12. August 2015 by Ashiq JA (guest)

Cryptographic keys are used to secure data-at-rest and data-in-transit. Trying to keep them protected yet always available for use is one of the most difficult problems in practical cryptography. Improper key management can lead to key leakage, where an attacker obtains the key and recovers the sensitive messages from the encrypted data.


This article discusses the key management problems and Cryptomathic's approach to solving the challenges faced by large organizations that use cryptography for variety of applications.

Read More

Is Your Crypto Due a Service?

07. March 2014 by Duncan Jones

IS YOUR CRYPTO DUE A SERVICE? soft

Recent revelations in the press have caused industry experts to question just how much trust can be placed in existing cryptographic standards or even in certain methods of generating key material. Companies must be prepared to respond quickly and effectively to such changes in the security landscape, else they risk reputational damage and significant costs in the event of a breach.

To understand why this preparation is challenging, we should consider how cryptography is commonly deployed within a business.

Read More