Enabling HSM Cryptography as an Integrated Service - Part 3 of 3

To date the deployment of encryption services and the techniques used to achieve interoperability and technical standards have always lagged behind what businesses have actually needed, or for that matter, what regulators or certain schemes are enforcing.

Having a clear vision of how your organisation can harness an enabler, such as the Crypto Service Gateway (CSG), is absolutely fundamental. This vision can be modest or aggressive and could have one, several or all of the following characteristics...

Enabling HSM Cryptography as an Integrated Service - Part 2 of 3

This second decade since the Millennium is seeing a major uplift in the use of cryptography in existing and new business systems. This uplift is likely to be disproportionately greater than the actual increase in business transaction volumes. In many instances it is the combined impact of compliance, regulatory and governments (e.g. the ICO -Information Commissioner's Office - in the UK) and perhaps most importantly organisations' customers are demanding that personal and corporate data are protected. Otherwise they move to a supplier who does. Increasingly, the use of encryption techniques is seen as an important part of the solution to the demand for providing secure access to existing business and customer data; via an ever widening range of distribution channels and device form factors...

Enabling HSM Cryptography as an Integrated Service - Part 1 of 3

There has been a substantial increase in the use of cryptographic techniques and Hardware Security Modules (HSM's) in larger commercial enterprises, and banks in particular, since the upsurge of online services in the late 1990's. Invariably this has been undertaken on a project basis, with each project having its own goals and initial budget. The enhanced security provided by project based HSM implementations results in complex integration environments that can restrict the ability to securely share HSM resources across systems that use cryptography, thereby requiring security projects to 'duplicate' existing HSM infrastructure for each project's production deployment. For a large organisation, e.g. banks, the consequences of this model are unnecessarily large cryptographic infrastructures - which are becoming increasingly costly and ultimately unsustainable to manage...

The Weakest Link in Many Cryptosystems - Part 2 of 2

RSA, a short recap In a public key scheme, and for the sake of simplicity, assume a public scheme based on encryption-decryption (as opposed to e.g. DSA, the Digital Signature Algorithm, where the digital signature generated by the secret key is verified to satisfy a mathematic equation using the corresponding public key), you have two mathematical functions, called keys, the secret key S and the public key P, a...

The Weakest Link in Many Cryptosystems – Part 1 of 2

It is well-known and appreciated by most users - even if often ignored(!) - that if you choose a weak password, you are exposing yourself to various risks. Whether your password is used for encryption of confidential data or just for access control doesn't really matter, so let's assume for a minute that it is actually used to encrypt your data - or perhaps to encrypt a key that is used to encrypt your data. The situation you are in is that...