Encryption and Databases Are Actually Similar

We have been building encryption service for a while. I grew up in the world of encryption and many things just came with experience, without being spelled out. Here’s another why I believe in “hardware encryption”.

Continue reading Encryption and Databases Are Actually Similar

JSignPdf Now Supports Remote Signing

A great news – our CloudFoxy is now supported by JSignPdf 1.6.4. You can now sign PDF with eIDAS compliant smart-cards (or OpenPGP dongles) – zero drivers or configuration on user computers.

Continue reading JSignPdf Now Supports Remote Signing

Real-Time Certificate Info – 5,560,000,000 KeyChest Index

We have finally completed a GLOBAL certificate look-up table for real-time notifications in our re-designed KeyChest service. KeyChest has been using an external service to check for new certificates. This has become unsustainable due to the number of users and certificates we monitor.

Continue reading Real-Time Certificate Info – 5,560,000,000 KeyChest Index

ROCA details published – taste of quantum cryptography

If you want to see raised eyebrows, just say “unbreakable crypto”. Yet everyone assumes their use of crypto is “unbreakable”. Security experts know it’s safe to reject “unbreakable systems” out of hand, but they often rely on the unbreakability of security protocols day in, day out.

Continue reading ROCA details published – taste of quantum cryptography

ROCA vulnerability impact on Gemalto IDPrime .NET smart cards

We have reasonable grounds to believe that all Gemalto IDPrime .NET smart cards generate weak RSA keys vulnerable to the recently published ROCA vulnerability (CVE-2017-15361, VU#307015). Gemalto stopped selling these cards in September 2017, but there are large numbers of cards still in use in corporate environments. Their primary use is in enterprise PKI systems for secure email, VPN access, and so on.

Continue reading ROCA vulnerability impact on Gemalto IDPrime .NET smart cards

ROCA vulnerability and Axalto / Gemalto .NET v2 smartcards

I wrote about the ROCA vulnerability yesterday. It affects Infineon security chips used in TPMs and smart cards. While it is easy to identify TPM modules and computers using them, smart cards are more difficult.

Continue reading ROCA vulnerability and Axalto / Gemalto .NET v2 smartcards

ROCA – Critical vulnerability in Infineon security chips

Looking back, we can find many examples of errors in the algorithms used to create encryption keys. Not very many of them, however, were found in chips designed and sold as high-security devices for email signing, verifying software integrity, VPN access, or citizen e-ID cards.

Continue reading ROCA – Critical vulnerability in Infineon security chips

The potential of multi-party signing – as secure as its STRONGEST link

Is it really possible to design an encryption system, which is as strong as its strongest link? There is never a straight “yes” answer to this question, but we are now as close as one can get.

Continue reading The potential of multi-party signing – as secure as its STRONGEST link

Guardian, FT, etc. share their internet encryption keys with many

We have all heard about hackers stealing huge user databases with passwords as they are tempting bounties. FT, Guardian and many others create a new kind of reward – their internet encryption keys via CDNs – services speeding up web traffic.

Continue reading Guardian, FT, etc. share their internet encryption keys with many

SSL certificates – 7 Free Spot Checks in one go – KeyChest

While implementing features of the certificate planner, we have added a few handy features to the KeyChest spot checker as well. It is now much more than just a tool to check when a website certificate expires.

Continue reading SSL certificates – 7 Free Spot Checks in one go – KeyChest