A key block is a unique piece of cryptography that is used to protect cryptographic keys while they are being sent over networks that might not be secure. A team around Mohammed M. Atalla invented the concept of the key block with his Atalla key block. This solved several issues created by “key variants” that were then used for transporting keys.
There are several types of key block formats used in different industries, especially the retail banking industry. The systems that use these key blocks are part of heterogeneous networks. Therefore, they need to interchange their data with other systems, potentially using different key block formats or even different key binding algorithms (key wraps, key encapsulation, etc.). In what follows, we will explain how this is possible and what techniques are used to perform that.
Java’s recent Elliptic Curve Digital Signature Algorithm (ECDSA) vulnerability underscores the fact that organizations cannot rely solely on outside vendors for effective cybersecurity. The financial services industry must evolve its encryption and key management strategies in line with its changing infrastructure models, advocating an inside-out approach that has proven itself over time.
Here we look at what it means to “bring your own key”, “control your own key” and “hold your own key” and what the differences are between these three methods for protecting business-critical cryptographic keys used to encrypt data in the cloud.
This article addresses some of the challenges of symmetric cryptography as applied in banks, describing how it works and what are its unbeaten advantages as opposed to asymmetric cryptography.
With the growing need for cryptography to protect digital assets and communications, the ever-present security holes in modern computer systems, and the growing sophistication of cyber attacks, it has never been more important or harder to keep your cryptographic keys safe and secure.
A single compromised key could result in a massive data breach, resulting in reputational damage, punitive regulatory fines, and a loss of investor and customer trust.
This article looks at some reasons for popularity of the IBM mainframe platform in the banking sector and touches upon its limitation for cross-vendor encryption and key management.
Changing customer behaviour and expectations are driving the transformation of the new banking security architecture. While customers want more digital banking and financial services, they still see a bank's physical presence as a symbol of the institution's credibility and reputation.
This article proposes answers to a series of frequently asked questions (FAQs) about key blocks.
