What is Crypto-Agility?

Crypto-agility, or cryptographic agility, is the capacity for an information security system to adopt an alternative to the original encryption method or cryptographic primitive without significant change to system infrastructure. NIST guidelines state “maintaining crypto agility is imperative” to prepare for the quantum computing era. Crypto-agility may be achieved through the adoption of new frameworks for incident response and application development, as well as the acquisition of a service software layer to facilitate crypto-agility in legacy applications.

Read more

An Introduction to the Role of HSMs for PCI DSS Compliance

The Payment Card Industry Data Security Standard (PCI DSS) helps to safeguard cardholders’ private information. The Payment Card Industry Security Standards Council (PCI SSC) enforces the standard through recommendations and requirements that aim to ensure security across all organizations involved in the processing of cardholder information.

Read more

HSMs and Key Management: Effective Key Security

Appropriate management of cryptographic keys is essential for the application of cryptography. This is often aided by the use of a hardware security module (HSM), a dedicated hardware machine with an embedded processor that offers cryptographic services to users, applications, and computers in a network, and which explicitly protects cryptographic keys at every phase of their life cycle.

Read more

Turning Cryptography into a Service - Part 2

Part 2 – Accelerating Time-to-Market

 With the increase in e-commerce and electronic communications on the one hand, and the growing challenges of cybercrime and data protection regulation on the other hand, cryptography is becoming an increasingly important business enabler.

Read more

Turning Cryptography into a Service - Part 1

Part 1 – Increasing Efficiency & Resilience

This two-part article discusses how cryptography is employed within organizations today and examines some of the challenges it raises, both for large, established enterprises and for start-ups within emerging markets such as FinTech, Internet of Things (IoT) and blockchain.

Read more

Key Management and use cases for HSMs

The rise of e-commerce enabled corporate organizations and banks to more easily expand their businesses and services around the world.

Read more

Understanding Hardware Security Modules (HSMs)

 Some time ago, I consulted a bank about their cryptography and security processing system, which was painstakingly slow. After one week of trying to find the problem, I looked at the cryptographic subsystem, which used Windows Crypto API and a certified CSP.

Read more

How to Deploy and Manage Cryptography in a Project the Right Way

With the ever increasing number of online services and electronic transactions, business owners are becoming ever more dependent on the use cryptography to prevent sensitive information from cyber attackers.

Read more

How to implement efficient Key Management in a Legacy Infrastructure

In this article, we discuss the various issues and present Cryptomathic’s approach to central key and crypto management that has been adopted by major banks. 

Read more