Encryption and Databases Are Actually Similar

We have been building encryption service for a while. I grew up in the world of encryption and many things just came with experience, without being spelled out. Here’s another why I believe in “hardware encryption”.

“Read More”

KeyChest becomes part of Radical Prime Limited

As the core technology of Enigma Bridge had been in its cloud encryption platform, there was always a question whether we wanted to keep use-cases of this technology under the same company. This thinking resulted in a decision to create a spin-off. This was executed in January 2018 and resulted in funding of Radical Prime Limited.

“Read More”

Major KeyChest Incident – We Turn It Into Serious Business

KeyChest HTTPS monitoring started small – to help us manage our certificates and its free service grew with interest. It’s the right approach from the business point of view, but it has its dark side. A major incident flashed it out last Saturday.

“Read More”

ROCA details published – taste of quantum cryptography

If you want to see raised eyebrows, just say “unbreakable crypto”. Yet everyone assumes their use of crypto is “unbreakable”. Security experts know it’s safe to reject “unbreakable systems” out of hand, but they often rely on the unbreakability of security protocols day in, day out.

“Read More”

ROCA vulnerability and Axalto / Gemalto .NET v2 smartcards

I wrote about the ROCA vulnerability yesterday. It affects Infineon security chips used in TPMs and smart cards. While it is easy to identify TPM modules and computers using them, smart cards are more difficult.

“Read More”

ROCA – Critical vulnerability in Infineon security chips

Looking back, we can find many examples of errors in the algorithms used to create encryption keys. Not very many of them, however, were found in chips designed and sold as high-security devices for email signing, verifying software integrity, VPN access, or citizen e-ID cards.

“Read More”

Enigma Bridge encryption gets recognition – DEFCON, BlackHat, and ACM CCS

Category : crypto , enigmabridge , security , UCL

We have had a busy Summer so far. We introduced a new service for SSL certificate monitoring (keychest.net), presented at Black Hat USA, and gave a talk at DEFCON. The latest news was recognition of our cryptographic platform by reviewers of the ACM CCS conference.

“Read More”

Let’s Encrypt in the spotlight

We have compiled all practical information we could find and written it up at Numbers you need to know. It’s a long list of restrictions, rate limits, and other useful information to keep in mind.  Here’s a few selected points that we found interesting. Big thanks to schoen from Certbot/EFF for pointing out numerous inaccuracies.

“Read More”

As secure as rock, paper, scissors at once – Art of Defence, Demo at DEFCON

Category : crypto , enigmabridge , UCL

A team of great people from the Security Group at UCL and our start-up Enigma Bridge designed and implemented a practical security system tolerant to severe attacks compromising all parts of the supply chain. We will present and demonstrate it at DEFCON in Las Vegas.

“Read More”

The potential of multi-party signing – as secure as its STRONGEST link

Is it really possible to design an encryption system, which is as strong as its strongest link? There is never a straight “yes” answer to this question, but we are now as close as one can get.

“Read More”

Browse by date

Dec 2018
« Nov