Corsec covers all relevant information on the topic of Entropy and how it can affect your security certification objectives – like testing, Random Number Generation (RNG), requirements hardening, and cryptography.
In September, Corsec uncovered a policy change that would affect a number of Common Criteria evaluations following this NIAP announcement: “Per published NIST notifications, all non-56B-compliant key transport schemes will be disallowed in the U.S. government …
In the second post of our two-part series, we continue our discussion with panelists from Computer Sciences Corporation: Lachlan Turner, Jason Cunningham, and Maureen Barry. Continuing where we left off with last week’s post, we’ll dive deeper into entropy and answer some of the many questions now arising…
In the world of cryptography, data is only safe as long as the keys used to protect that data are kept secure. While, on one hand, this means that keys must be protected against unauthorized access, it also means that keys must be created in a way that makes them difficult for an attacker to guess. To produce cryptographically strong…
Is it too late to talk about the International Cryptographic Modules Conference (ICMC)? Well, it really depends on how you look at it. If you were looking for a timely recap of the conference, then yes, I guess it is. But if you missed any of the details, this might be your last chance to catch up. And planning has just begun for next year’s conference…
According to the ancient Greek philosopher Heraclitus, “There is nothing permanent except change.” As anyone following security certifications lately can tell you, there is a lot of truth in this statement. We have entered another …