Securing HSM Interfaces

In this whitepaper, we discuss attacks on systems using the PKCS#11 API. We consider what it means for an interface to be secure, and we discuss how to audit applications’ use of the API. There are also concrete examples of attacks.

Java Crypto Security

This whitepaper is intended for developers who use, or are considering using, the Java crypto API, and for application security testers who review crypto security. It is not intended to be an introduction to cryptography, but rather a concise guide for readers familiar with crypto basics.

Foundations in Academic Research

At Cryptosense our goal is to provide our customers with all the tools they need to ensure that they are using secure crypto everywhere. With that in mind we regularly publish white papers based on the results of our internal research.

Cryptosense software is based on the academic research carried out over 15 years by Graham Steel and the company still maintains strong academic links with research institutes such as INRIA, University of Edinburgh and University Ca’ Foscari. These relationships allow us to develop better tools and ensure that we provide the most up-to-date crypto coverage possible.

As a complement to our software tools, you can download our latest whitepapers below, or attend a training course on avoiding crypto risk.

If you have any questions or comments about the whitepapers we’re always interested in your feedback. Let us know at info@cryptosense.com.

Free Trial

Use Cryptosense Analyzer to audit your applications and infrastructure, understand your crypto landscape, and optimise bug-fix resources.