The Information Security Provider
atsec IT Security Blog
News about Common Criteria, FIPS, Conferences
and other topics revolving around IT security.
For a non-paginated list of all of our blog posts, head over to our Blog Archive page.
-
CST Newsletter September 2020
We invite you to take a look at our current newsletter that contains information on algorithm transitions, updates to the FIPS IG and announcements for FIPS 140-2 and FIPS 140-3.
-
Transitioning to NIST SP 800-56A Rev3: what you need to know
by Swapneela Unkule NIST SP 800-56A provides recommendations for Pair-Wise Key-Establishment Schemes Using Discrete Logarithm Cryptography. Diffie-Hellman (DH), Elliptic Curve DH (ECDH) and Menezes-Qu-Vanstone (MQV) key-agreement schemes are specified in this standard. These Key-Agreement Schemes (KAS) are widely used in network protocols such as TLS. The SP 800-56A…
-
atsec’s 20 Year Anniversary
It was the beginning of January when I first heard about the new virus causing severe flu-like symptoms, such as upper respiratory infection, spreading throughout China. I started to worry about our China team. Nevertheless, we continued to plan for the global celebration of atsec’s 20th anniversary, assuming…
-
atsec leading in Automated Cryptographic Validation Testing
With the sunset of the Cryptographic Algorithm Validation System (CAVS) at end of June 2020, algorithm testing for NIST and NIAP validations and evaluations must now be performed using the Automated Cryptographic Validation Testing System (ACVTS). The list of issued CAVP certificates using ACVTS (i.e. the certificates prefixed…
-
Bye bye, CAVS tool, old friend…
Dear CAVS Tool, We want to congratulate you on years and years of dedicated service. Without you, algorithm testing would not have been what it is today, and we salute you for staying with us for so long. On June 30th you will finally get your well-deserved retirement.…
-
CST Newsletter June 2020
We invite you to take a look at our current newsletter that contains information on algorithm transitions, updates to the FIPS IG and a breakdown of the changes in TEs from FIPS 140-2 to FIPS 140-3.
-
Congratulations to Qualcomm
One of the rewards of working in the evaluation and testing business is to see our customers succeed and show the results of their efforts. We are always happy to work with organizations who are committed to IT security and want to improve their products and processes for…
-
Rise & Fall of MD5
by Richard FantThe RiseMD5 (message digest version 5) was developed in 1991 and is still very popular today, with a wide range of commercial and government applications. MD5 is used to generate hash values of passwords stored on a system as opposed to storing the passwords in plain…
-
atsec China adds two PCI SSF Assessor Qualifications
atsec China has been qualified by the PCI SSC (Payment Card Industry Security Standards Council) as a Secure Software Lifecycle (SLC) Assessor and Secure Software Assessor company under the PCI Software Security Framework (SSF) program to evaluate a vendor’s software lifecycle and/or validate a vendor’s payment software. The…