The Information Security Provider
atsec IT Security Blog
News about Common Criteria, Cryptographic Modules, Conferences
and other topics revolving around IT security.
-
SP 800-56B and RSAES-PKCS1-v1.5 Update
Near the end of 2017, NIAP issued and later retracted Labgram #106. This Labgram warned that RSAES-PKCS1-v1.5 would be disallowed by NIST after 2017 which meant that it would also be disallowed by NIAP after 2017 in CC evaluations. The reason for the retraction was because NIST delayed…
-
atsec partners with major retail outlets for provision of security assurance
In a major announcement, atsec information security announces the establishment of partnerships with major retail outlets around the world, in a bid to provide more convenient provision of security assurance to users of commercial IT products. Users of commercial off the shelf products purchased through major retail outlets…
-
A giant leap for mankind?
Oh boy!!! Yet another year has gone by and we are celebrating International Women’s Day again. This year the theme is “Time is Now: Rural and urban activists transforming women’s lives”. I must say that working in atsec has always been free of the worries about gender inequality that…
-
atsec is celebrating!
It is 18 years since atsec was founded on January 11th, 2000. Since then atsec has made a very significant contribution to information security. As one of the only truly independent labs atsec is still self-funded, owned by professionals in the security assurance business and a key player…
-
eIDAS for Remote (Centralised Server) Signing
What is eIDAS? Evaluation and certification of trustworthy systems and signature and seal creation devices becomes increasingly important due to the new eIDAS regulation (EU Regulation No. 910/2014) that entered into force in the 28 EU Member States in July 2016. eIDAS is an EU regulation on electronic…
-
As You Like It!
Over the last few years we have seen some maturation in the processes of providing information security assurance. This is good. First let’s roll back into history, to the days in the ‘70’s and ‘80’s, when it could not be safely assumed that the operating systems in use…
-
Yi Mao’s Opening Speech at the Fifth ICMC
“Dear Community, It is the second time that I have had the honor and pleasure to open the International Cryptographic Module Conference. This year is very special since it is the fifth anniversary of the conference. I’d like to welcome you all with an image from the end…
-
Mea Culpa
Unfortunately, atsec has been accused of distributing fake news. Here at atsec we take such an accusation seriously. We have performed a thorough internal investigation and have determined that the accusation is true. atsec has been guilty of disseminating fake news on an annual basis for the last…
-
FIPS 140-2 and ISO Standards
atsec customers who have projects for testing, validating, and certifying cryptographic modules for the US government market are intimately familiar with the FIPS 140-2 standard. This standard and its associated supporting documents are produced and published by NIST. Together, the suite of documents define the specification and testing…