Here we look at what it means to “bring your own key”, “control your own key” and “hold your own key” and what the differences are between these three methods for protecting business-critical cryptographic keys used to encrypt data in the cloud.
Encryption key management systems are now essential for all companies needing to lock down data in the cloud, says Matt Landrock, CEO, Cryptomathic Inc.
One aspect of key management is dealing with what happens when a symmetric cryptographic key is no longer needed. The section ‘Key Replacement, Destruction and Archiving’ within ANSI X9.24-1-2017 explains what needs to happen.
This article describes, from a CISO perspective, how to manage and protect security assets in large organisations, i.e. the cryptographic keys, and suggests adequate procedures and systems.
The Heartbleed security vulnerability, publicised in March 2014, received an abundance of media attention as it exposed over 1 million web servers worldwide relying on OpenSSL version 1.0.1. The bug was corrected shortly after the leak with the release of OpenSSL v1.0.1g on April 7th 2014. However, estimates suggest that around 2/3 of organisations with public-facing systems are still vulnerable to the attack.
This article addresses some of the challenges of symmetric cryptography as applied in banks, describing how it works and what its unbeaten advantages are compared with asymmetric cryptography.
The ANSI X9.24-1-2017 standard defines the requirements for the loading of key components or shares, and the loading of cleartext keys. The loading of encrypted keys is described in other parts of the standard.
With the growing need for cryptography to protect digital assets and communications, the ever-present security holes in modern computer systems, and the growing sophistication of cyber attacks, it has never been more important or harder to keep your cryptographic keys safe and secure.
A single compromised key could result in a massive data breach, leading to reputational damage, punitive regulatory fines, and a loss of investor and customer trust.
Part 2 – Accelerating Time-to-Market
With the increase in e-commerce and electronic communications on the one hand, and the growing challenges of cybercrime and data protection regulation on the other, cryptography is becoming an increasingly important business enabler.
This article looks at some reasons for the popularity of the IBM mainframe platform in the banking sector and touches upon its limitations for cross-vendor encryption and key management.