Entrust Identity On: Latest Posts
As both standalone and networked computing capabilities continue to grow in-line with Moore’s law, key sizes for the most widely used public-key cryptographic systems have to grow disproportionately fast. This trend makes a switch to elliptic-curve cryptography (ECC) more and more attractive. Unfortunately, ECC has a reputation for being difficult to understand. And this reputation, [Read More...]
The number of companies exclusively using usernames and passwords as the sole means of guaranteeing authentication is on the decline, according to a recent study from the Ponemon Institute.
Here is a monthly SSL review of discussions about SSL (and possibly other digital certificates) from the last month. Entrust Identity ON discussed the following: Always-ON SSL Moving to TLS 1.2 Bogus SSL Certificates OCSP Stapling Apple SSL Bug CA Security Council discussed the following: Always-On SSL, Part II Ten Steps to Take If Your [Read More...]
A series of data breaches at large universities has called attention to the need for strong data encryption measures across enterprises.
One of the advantages of the SSL industry is that certificates can be issued from most trusted certification authorities (CAs). This allows certificate customers flexibility in choosing their CA or deciding to use a number of CAs. The disadvantage is the end-user does not know if the CA was authorized to issue the certificate and [Read More...]
An individual hacker broke into the administrative infrastructure of a popular online comic book distributor and placed user information at risk, TechCrunch reported.
Looking Back at 2013 Protocol Attacks The year started with a couple of SSL/TLS protocol attacks: Lucky Thirteen and RC4 attack. Lucky Thirteen allows the decryption of sensitive information, such as passwords and cookies, when using the CBC-mode cipher suite. Lucky Thirteen can be mitigated by implementing software patches or preferring the cipher suite RC4. [Read More...]
This entry is part 11 of 12 in the series Entrust at RSA 2014 What an amazing week. We’ve met an untold number of new people, shared security experiences and challenges, gave away amazingly cool gifts and, of course, took home a pair of SC Magazine Reader Trust Awards. Let’s not waste our new relationships. [Read More...]
This entry is part 10 of 12 in the series Entrust at RSA 2014 It’s no secret that digital identities are evolving. From how they’re used, managed and deployed, digital identities are one of today’s most critical and sensitive assets. Entrust vice president David Rockman sat down for an exclusive one-on-one interview with iSMG vice [Read More...]
This entry is part 11 of 12 in the series Entrust at RSA 2014 Just because it’s the final day, doesn’t mean Entrust isn’t ready to talk about the evolution of digital identities. We’ve got a pair of our most popular demos on tap today. Spend your morning with us at Booth 2615 in the [Read More...]