The Information Security Provider
atsec IT Security Blog
News about Common Criteria, Cryptographic Modules, Conferences
and other topics revolving around IT security.
-
CST Newsletter June 2020
We invite you to take a look at our current newsletter that contains information on algorithm transitions, updates to the FIPS IG and a breakdown of the changes in TEs from FIPS 140-2 to FIPS 140-3.
-
Congratulations to Qualcomm
One of the rewards of working in the evaluation and testing business is to see our customers succeed and show the results of their efforts. We are always happy to work with organizations who are committed to IT security and want to improve their products and processes for…
-
Rise & Fall of MD5
by Richard FantThe RiseMD5 (message digest version 5) was developed in 1991 and is still very popular today, with a wide range of commercial and government applications. MD5 is used to generate hash values of passwords stored on a system as opposed to storing the passwords in plain…
-
atsec China adds two PCI SSF Assessor Qualifications
atsec China has been qualified by the PCI SSC (Payment Card Industry Security Standards Council) as a Secure Software Lifecycle (SLC) Assessor and Secure Software Assessor company under the PCI Software Security Framework (SSF) program to evaluate a vendor’s software lifecycle and/or validate a vendor’s payment software. The…
-
Data Recycling to Become Mandatory in 2022
According to sources in the DPA (Data Protection Agency) new guidelines will be issued soon that will make digital trash separation mandatory. Every year an estimated 240 zettabytes of re-usable bits are thrown into desktop trash cans. The new guidelines require operating system manufacturers to implement a recycling…
-
Meltdown Attack: 2 Years Later
by Richard Fant Meltdown Attack: 2 years laterIn February 2017, independent security researchers discovered a catastrophic security flaw in the cache design for processors developed by Intel Corporation. After embargoing the information for almost a year while working on a fix, Intel publicly announced in January 2018 the…
-
International Women’s Day
Happy International Women’s Day to all our wonderful atsec colleagues in Europe, US and Asia.
-
Zen, or the Art of FIPS Certificate Maintenance
by Andreas Fabis When we talk to our customers about FIPS 140-2 testing some questions regarding certificate maintenance frequently come up: There are many factors that can lead to module or platform changes: technical, business and marketing, to name a few. Navigating the rules and options of FIPS…
-
My Experience During the COVID-19 Outbreak in China
During the period of the novel coronavirus (COVID-19) outbreak in China, I, and many others, have cancelled parties with family, friends and colleagues—even during the traditional Chinese Lunar New Year. We have also decided to work remotely with atsec colleagues, customers, and partners. This gave me more time…