Articles
Collaborating with NCSU to deliver certificate validation and crypto validation reusable implementations.
Cryptography is very important in today’s world. Improper or maliciously altered crypto implementations have been a concern for the industry in recent years. On another topic, improperly validated X.509 certificates can pose a serious security concern for Web Authentication today. To address these c…
Towards Backward-Compatible Post-Quantum Certificate Authentication
We have blogged about post-quantum cryptography before. Quantum computers would pose a threat to PKI algorithms and systems that we know today. Cisco, with our academic collaborators, has been focusing on quantum-resistant hash-based signatures for a few years now with LMS and SPHINCS+ and more. NIS…
Collaborating with NCSU to promote lightweight crypto validation and assessment
Cryptography is very important in today’s world. Improper or maliciously altered crypto implementations have been a concern for the industry in recent years. To alleviate the risk, Cisco has been working with the industry, the National Institute of Standards and Technology (NIST) and other internati…
Taking certificate enrollment to the next level
Bouncy Castle adds support for EST Note: We would especially like to thank the Crypto Workshop team for their contributions to this post and the fruitful collaboration. Recently Crypto Workshop has been working on adding support for the EST protocol in Bouncy Castle (BC) Cryptography APIs. Bouncy Ca…
Lessons Learned from Testing Cisco EST Implementations with Entrust Datacard
[Note: We would especially like to thank the Entrust Datacard team for their contributions to this post and the fruitful collaboration. More info at Entrust Datacard’s Digital DNA blog series and Twitter handle (@entrustdatacard).] Products and solutions do not operate in silos. In technology, inter…
FIPS and Deterministic ECDSA: Achieving robust security and conformance
Digital signatures are used to verify the authenticity of a message. For example, when a message is signed, the verifier can rest assured that only the signer could have signed it. ECDSA and DSA are two widely used, standardized digital signature schemes. In order to sign a message, internally both…
Lessons Learned from Testing Cisco EST Implementations for Interoperability with DigiCert
Thanks to DigiCert for their contributions co-authoring this post. Interoperability for technology solutions is a top priority—standards used in these solutions become irrelevant when products operate in a silo. Thus, shifting to a new protocol in any solution takes careful consideration and collabo…
ETSI/IQC’s 4th Workshop on Quantum-Safe Cryptography
Quantum computers could break commonly used public key algorithms, which would affect cryptography used today. For that reason, there has been great attention on quantum safe crypto recently. We have blogged about it in numerous occasions [1], [2] , [3]. In that context, last week the 4th ETSI/IQC o…
Quantum-resistant signatures: an update
Quantum-resistant crypto Recently there has been great media attention on Quantum Computers (QC) and their potential impact on current cryptography standards. We blogged about it in 2015. All of this attention has drawn out critical efforts from many in academia and industry to solve problems with…