Understanding The New FIPS 140-3

FIPS 140 (“Federal Information Processing Standard”) is a series of security standards published by the U.S. government that specify security requirements for the evaluation of cryptographic modules. This article explores various aspects of the latest release of FIPS 140-3.

Read more

ANSI X9.24-1-2017: Understanding the Card Payment Environment and the use of Symmetric Keys

The standard, ANSI X9.24-1-2017 part 1 has been written to provide minimum symmetric key management requirements and guidelines for the retail financial industry and actors involved in processing card payments.

Here we explore the different entities that form the card payment environment, as described in the norm ANSI X9.24-1-2017. We also explain why securely managing the symmetric keys used in such a context is an important way of securing transactions and, in general, of securing the whole Card Payment Environment.

Read more

An Introduction into ANSI X9.24-1-2017 part 1

ANSI X9.24-1-2017 part 1 is a standard that deals with symmetric key management techniques for retail financial services.

Read more

Summary of cryptographic algorithms - according to NIST

The cryptographic protection of a system against attacks and malicious penetration depends on two dimensions: (1) The strength of the keys and the effectiveness of mechanisms and protocols associated with the keys; and (2) the protection of the keys through key management (secure key generation, storage, distribution, use and destruction).

Read more

Overview of NIST Key Management Recommendations on Key Types and Crypto-Periods

This article introduces and classifies cryptographic key types and crypto-periods as suggested by NIST, based on proven best practices for key management. It outlines the recommendations of when and how keys are used to protect data and explains how appropriate crypto-periods can be chosen and enforced.

Read more

Centralized Key Management Systems: Challenges and Opportunities for the Next Decade

Over the last 10 years, enterprises have moved on from decentralized and distributed key management to centralized key management systems to provide secure and unified key life-cycle management.

Read more

Cryptographic Key Management Concepts: on Key Generation, Metadata, Life-cycles, Compromise and more

This article looks at the concept of cryptographic key management – what it is, why it’s important, and how an electronic key management system simplifies the task of managing a high volume of keys.

Read more

Symmetric Cryptography and Key Management: Considerations on Key Exhaustion, Rotation and Security Models

With data protection standards, such as GDPR, and the sheer mass of data that companies collect and accumulate, the protection and control of information has become increasingly important. The deployment of encryption is the backbone of any given organisation’s systems security scheme towards the goal of data protection.

Read more

The Role of Random Number Generators in Relation to HSMs & Key Management

In this article we look at the role of random number generators (RNGs) and put them into a procedural context with hardware security modules (HSMs) and key management systems (KMSs). 

Read more