March 2020

This Month:

  • Crypto challenge record set
  • What's the real impact of cryptography failures?
  • Your cloud migration questions answered
  • Have physicists cracked perfect secrecy
  • What are your keys really doing?
  • New Cryptosense Whitepaper: Cryptography Inventory
  • The Let’s Encrypt certificate authority authorization incident

Crypto Challenge Record Set

A team of computer scientists has set a new record for integer factorization, one of the most important computational problems underlying the security of nearly all public-key cryptography currently used today. The team of computer scientists from France and the United States set a new record by factoring the largest integer of this form to date, the RSA-250 cryptographic challenge.

What's the real Impact of Crypto Failures?
A recent article in Security Intelligence describes how "crypto-risk" is often an overlooked aspect of data security. We've been talking about this subject in our recent webinar series on 'The Impact of Crypto Failures'. Parts 1 and 2 are now available on demand. Learn what caused some high-profile recent breaches and what impact they had.

Your Cloud Migration Questions Answered
We've teamed up with Unbound Tech to answer your most common questions about safely migrating crypto-intensive apps to the cloud. How do I determine which data and processes are sensitive? Which keys are in use and how are they stored? What types of extra protection need to be added prior to migration? Register here to join our webinar on April 14th.  

Have Physicists Cracked Perfect Secrecy?
A recent paper in the journal Nature Communications in which the authors claim to have achieved perfect secrecy has been greeted with skepticism by cryptographers.

What Are Your Keys Really Doing?
In February, we announced our new Key Lifecycle feature. Thanks to our unique tracing technology, you can now get a complete inventory of all the keys used in your application directly inside Analyzer along with the vulnerability analysis. Use it to see: which keys are carrying out which operations, what data each key is protecting, how each key is generated or stored, and which keys need to be migrated to cloud KMS or HSMs. Request a demo to see it in action.

New Cryptosense Whitepaper: Cryptography Inventory
A cryptographic inventory is a strategic cybersecurity asset. A typical experience of Cryptosense customers is that the inventory reveals far more cryptography in use that was initially expected. In this new whitepaper we explain how to build, maintain and exploit a useful inventory. Note: the pdf will download in your browser, if your security settings don't allow this please let us know, we'd be happy to email you a pdf.

The Let’s Encrypt Certificate Authority Authorization Incident
The Bulletproof TLS Newsletter, out yesterday, shares details of how the Let’s Encrypt incident occurred. The incident highlights the complexities of large-scale crypto inventory management, for example that there is no automated protocol that allows a CA to tell its users to renew certain certificates.