Category Archives: Digital Certificates

Several Universities Face Cybersecurity Siege

March 11, 2014 by Entrust, Inc.     No Comments

A series of data breaches at large universities has called attention to the need for strong data encryption measures across enterprises.

Filed Under: Encryption Tagged With:

Bogus SSL Certificates

February 16, 2014 by Bruce Morton     No Comments

Netcraft has published an article stating they have found many bogus SSL certificates. In this case, a bogus certificate is self-signed (i.e., not issued from a legitimate certification authority) and replicates an SSL certificate of a large, popular website. This type of bogus SSL certificate could be used for a man-in-the-middle (MITM) attack. In this [Read More...]

Filed Under: Digital Certificates, SSL Tagged With: MITM, Public Key Pinning, SSL

Digital Certificates: How they Secure Consumer-Level Devices, Identities

January 16, 2014 by Entrust, Inc.     No Comments

The modern home is connected to the online world today more than ever. Now, everything from toaster ovens to toilets are IP-enabled. The phenomenon is called the Internet of Things, and we are currently starting to see the beginning of a massive worldwide adoption of it.  What can Digital Certificates Protect? • Gaming consoles • [Read More...]

Filed Under: Digital Certificates Tagged With: EW

Digital Certificates: Strengthening Security in the Enterprise

January 13, 2014 by Entrust, Inc.     No Comments

Upon first glance, a utility meter might seem like the furthest thing from a security threat than you could imagine. After all, what harm could come from a device that measures the amount of electricity or gas your building consumes? The reality is, however, that in today’s ultra-connected world, this type of naive thinking could [Read More...]

The Edward Snowden Story Calls For Understanding of Encryption, Strong Identity

September 18, 2013 by Bill Conner     No Comments
This entry is part 2 of 2 in the series The Snowden Papers: Lessons to be Learned

This entry is part 2 of 2 in the series The Snowden Papers: Lessons to be LearnedEntrust’s Approach and View of Cryptography There has been tremendous press coverage over the last week or two about cryptographic systems and threats to their security. I want to take some time to share how Entrust, as a global [Read More...]

NSA Leaks Uncover Legitimate Surveillance Concerns, But Cryptographic Systems are Not One of Them

September 17, 2013 by Bill Conner     1 Comment
This entry is part 1 of 2 in the series The Snowden Papers: Lessons to be Learned

This entry is part 1 of 2 in the series The Snowden Papers: Lessons to be LearnedIntelligence Services Disclosures and the Impact on Information Security The Washington Post and other media outlets have provided extensive coverage of allegations made by Edward Snowden concerning some of the NSA’s surveillance programs. The allegations include: The NSA has [Read More...]

Digital Certificates on Your Phone?

September 9, 2013 by Matthew Lewis     No Comments

It’s not a Peyton Manning TV spot, but it’s certainly more important to the security of your identities. In Entrust’s recent infographic, “Mobile Security: Perception vs. Reality,” a third-party study found that 38 percent of enterprises have or plan to implement mobile device certificates in 2013. But there is also the myth that certificate-based identities [Read More...]

Why Do I Need UC Multi-Domain SSL Certificates?

August 27, 2013 by Bruce Morton     No Comments

This certificate is sometimes called unified communications certificate (UCC), multi-domain certificate or multi-SAN certificate. In this posting, we will call them UCC or UC certificate. The unique feature of the UC certificate is that it takes full advantage of the subject alternative name (SAN) field. In doing so, the issuer allows the certificate subscriber to [Read More...]

Filed Under: Digital Certificates, SSL, SSL Deployment Tagged With: multi-SAN, SSL, UCC

Which Mobile Device Do I Trust?

August 6, 2013 by David Mahdi     No Comments

Whether it’s through the constant use of passwords, answering security questions online or verifying an address over the phone, most people understand the importance of authenticating identities. But this theory also is critical to verify the identities of mobile devices connecting and interacting with a secure network. Today, organizations require a methodical and proven solution [Read More...]

Alan Turing Notes on Cryptography Released

July 12, 2012 by Jon Callas     No Comments

Are there any insights left to be wrung from the code breaker’s papers?

Chris Vallance of the BBC reports that GCHQ has released some of Alan Turing’s papers on the theory of code breaking. They’re not on display at the National Archives at Kew. I’ve checked the web pages of the Archives and GCHQ, and there is as of my writing nothing up there, yet.

The two papers are titled, The Applications of Probability to Crypt” and Paper on the Statistics of Repetitions. They discuss the use of mathematics to cryptanalysis. This might seem a bit obvious now, but at the time cryptanalysis was largely done by smart people and not by machines. A code-breaker was more likely someone who was good at solving complex crossword puzzles than working with numbers. It was unusual to bring in someone like Turing to a cryptology lab.