cryptography
14 posts tagged with “cryptography”
Quantum Cryptography for Risk Managers or Shor, Grover, and the Crypto-Apocalypse
23-Sep-2021According to some, quantum cryptography will revolutionize cryptography, kill our current ciphers, and reveal all our secrets. But if you're…
Read More >Why Organizations Need to Become Crypto-Agile and What that Means
16-Sep-2021Cryptographic change is a reality. Since 2006, we have seen the sunset of WEP, SSLv2, RSA-1024, SSLv3 and early TLS. We know that Triple DES…
Read More >How a $1200 Graphics Card Threatens Your PCI DSS Compliance and Security
20-May-2021Organizations subject to PCI DSS compliance validation spend significant amounts of time, effort, and money to maintain and validate their…
Read More >NIST is Sunsetting Triple DES - so what will the Financial Industry do?
09-Apr-2019NIST recently published a document "Transitioning the Use of Cryptographic Algorithms and Key Lengths" which formalizes the sunset of Triple…
Read More >NIST Update to Format Preserving Encryption Standard affects PCI Use Cases
21-Mar-2019Last month NIST announced they were seeking feedback on a proposed updated guidance for FPE. More formally this is SP 800-38G rev…
Read More >NIST Moves on Sweet32 - 3DES, Blowfish, and Others - Mostly Unsafe
19-Jul-2017Now is the time to stop using 64-bit block length ciphers such as 3DES (TDEA) and Blowfish in general purpose applications of cryptography…
Read More >7 Things You Can Do To Deal With The Recent Format Preserving Encryption (FPE) Compromise
26-Apr-2017Barely a year after NIST approved Format-Preserving Encryption (FPE) based on AES they've issued a news release that one of the approved…
Read More >SHA-1 Is Dead!
23-Feb-2017History The SHA-1 cryptographic hash function was introduced in 1995. Weaknesses began to be discovered in 2005, and in 2011 NIST deprecated…
Read More >Why the Apple vs. FBI Dispute Is A Good Thing
01-Mar-2016The Internet and mainstream media has been ablaze with articles and opinion pieces about the dispute between the FBI and Apple over an…
Read More >Sunset of SSL Extended
22-Dec-2015If you’ve been struggling with keeping up with various SSL vulnerabilities and planning an orderly cutover to TLS then the recent…
Read More >Must Format Preserving Encryption (FPE) be distinguishable from cardholder data for PCI?
17-Apr-2015Previously we looked at Format Preserving Encryption (FPE) its characteristics and suitability for application in solutions intended for PCI…
Read More >PCI DSS Version 3.1 Has Arrived
15-Apr-2015The PCI Security Standards Council today published the expected update to PCI releasing these documents including some specific migration…
Read More >PCI Security Standards Council set to kill off SSL in PCI DSS/PA-DSS 3.1 updates
10-Mar-2015The PCI council has released an announcement that they are preparing an updated version of the PCI DSS (v3.1) and PA-DSS (v3.1), where they…
Read More >What is Format Preserving Encryption and is it suitable for PCI DSS?
23-Feb-2015Format Preserving Encryption or FPE is recent technology that is beginning to show up in payment solutions with the promise of simplifying…
Read More >