This article introduces and classifies cryptographic key types and crypto-periods as suggested by NIST, based on proven best practices for key management. It outlines the recommendations of when and how keys are used to protect data and explains how appropriate crypto-periods can be chosen and enforced.
The payment card industry data security standard (PCI DSS) calls for all financial institutions and merchants to protect their client's sensitive data, typically including strong cryptography as dictated by PCI DSS requirement 3. Most organizations empty this burden on the IT department or IT management teams and hope that all compliance requirements are met. However, in most cases when a data breach occurs, the burden lies on the shoulders of the C-level management, who are left to answer the difficult questions.
Over the last 10 years, enterprises have moved on from decentralized and distributed key management to centralized key management systems to provide secure and unified key life-cycle management.
This article looks at the concept of cryptographic key management – what it is, why it’s important, and how an electronic key management system simplifies the task of managing a high volume of keys.
With data protection standards, such as GDPR, and the sheer mass of data that companies collect and accumulate, the protection and control of information has become increasingly important. The deployment of encryption is the backbone of any given organisation’s systems security scheme towards the goal of data protection.
In this article we look at the role of random number generators (RNGs) and put them into a procedural context with hardware security modules (HSMs) and key management systems (KMSs).
The use of both symmetric and asymmetric cryptography & keys are part of a well-rounded solution for securing digital transactions. Each approach to protecting data has its benefits, especially when applied to the appropriate scenarios. Here we look at the reasons for using each cryptographic method.
In this final article in a 3-part series on symmetric key encryption technology, we look at the use of encryption modes with symmetric block ciphers, including the need for padding and initialization vectors.
In this article, the first of a 3-part series on symmetric key encryption technology, we will look at the principles of symmetric encryption, the two types of symmetric algorithm, and the lifecycle and management of symmetric keys.
