A collection of cryptographic articles and resources

Generating Cryptographic Keys: Will Your Random Number Generators (PRNGs) Do The Job?

22. February 2017 by Chuck Easttom (guest)

Conversations about cryptography are common place in the cyber-security world.  One can find security professionals discussing everything from PKI to issues with RSA.  But while we are discussing issues with algorithms, implementation of cryptographic protocols, authentication algorithms, and other such topics, we often lose sight of a fundamental part of the entire process – key generation.

Read More

Simplifying the Complex Process of Auditing a Key Management System for Compliance

01. April 2016 by James H. Reinholm (guest)

This article explains some of the cryptographic key management tasks involved in demonstrating and proving compliance to acceptable standards, and how this process can be simplified by centralization, automation, and adequate preparation.

Read More

Key Management Interoperability Protocol (KMIP): achievements and challenges

23. March 2016 by Dawn M. Turner (guest)

The Key Management Interoperability Protocol standard intends to provide interoperability across various key management environments and hence to reduce costs and increase efficiency of heterogenious cryptographic applications.

However, there are 3 tendencies which challenge the current standard and its interoperability protocol: a) the shift of a big share of internet traffic towards mobile communications, b) the growing Internet of Services with the related service-based communication and c) the advance of cloud computing.

This article first looks at the achievements of KMIP so far, then sheds light on the current challenges to and shortcomings of the protocol and tries to provide answers and solutions to these in the remainder of the article.

Read More

What is Key Management? a CISO Perspective

21. February 2016 by Dawn M. Turner (guest)

Key management refers to managing cryptographic keys within a cryptosystem. It deals with generating, exchanging, storing, using and replacing keys as needed at the user level. A key management system will also include key servers, user procedures and protocols, including cryptographic protocol design. The security of the cryptosystem is dependent upon successful key management.

This article introduces into key management from a perspective of a CISO or any person in charge of maintaining information security within an organization.

Read More

How to Deploy and Manage Cryptography in a Project the Right Way

04. December 2015 by Ashiq JA (guest)

With the ever increasing number of online services and electronic transactions, business owners are becoming ever more dependent on the use cryptography to prevent sensitive information from cyber attackers. Cryptographic implementations are often considered to be a project bottleneck due to its time consuming nature and increasing cost within IT budgets.

In recent years, cryptography has been identified as an area that required further innovation to meet the needs of large businesses. Organizations are facing multiple challenges with the implementation and ongoing maintenance of cryptography on both new and legacy systems. In this article, we present a few recommendations based on Cryptomathic’s approach to simplifying the implementation of cryptography in a project.

Read More