Skip to main content

Crypto is easy, right?

Jan

15

2021

Time to read

Read so far

Written by: 

Ian Wills

Time to read

Written by: 

Crypto is easy_1000x420

I recently read "The Code Book" by Simon Singh and found it a fascinating history told through the prism of cryptography. It turns out that keeping secrets used to be very difficult, and great efforts had to be invested. You might have had to wait for a messenger's hair to grow back to cover the message written on their head, or carry a bulky device into battle that encrypted one letter at a time after configuring it with the day's settings. Secret communication was cumbersome and slow.

But then the 1970's came along and finally we had a solution which was not just highly secure, but also scalable and allowed secure communications between parties who had never met (avoiding the need to share a key). (Want to take a deeper dive into the history of cryptography? Go here.)

Now, cryptography is built into the applications we use on a daily basis, whether that is the TLS session which secures the credit card details we use for online shopping, or the device identity that allows our PCs to join our corporate networks.

So crypto is no longer a problem, it’s "fixed", right?

It is certainly easier to deploy cryptographic systems today. In fact, we do this all the time without even being aware. Applications have embedded cryptography, and in some cases they will even generate the keys required to secure the application. Applications embed crypto libraries which implement the encryption that secures organizations, and it is so easy to set up a new certificate authority to issue keys within a business unit that over the years the amount of crypto has proliferated.

Unfortunately we have gotten to the point where crypto is now critical infrastructure within our organizations, but we do not always recognize it until a certificate expires and brings down an ATM network, website or other critical business application. Yet, when a new crypto vulnerability is discovered most organizations do not have the same level of maturity for keeping track of crypto as they do for inventory management  of other physical and digital assets, like software licensing or hardware.

The upshot − we need to take better care of our crypto. The reality is that skills in this area are scarce, and keeping up to date with the latest standards and best practice often takes a backseat to pressing strategic business or operational needs. For this very reason, Entrust has leveraged 25 years of experience to create the Entrust Cryptographic Center of Excellence (CryptoCoE) solution. Through the ECryptoCoE solution, we support our customers in establishing crypto teams and arming them with the governance and technical tools to set crypto policy and start building an inventory of crypto within their enterprise. Entrust has  25 years of experience developing, deploying, running and supporting cryptographic systems. We are excited about sharing our experience with our customers to help them manage crypto as critical infrastructure.

For more information on Entrust’s CryptoCoE solutions, visit our website: https://www.entrust.com/digital-security/certificate-solutions/c/introducing-entrust-cryptographic-center-of-excellence

Ian-Wills
Ian Wills
Professional Services Director
Ian Wills is Professional Services Director for the PKI and Identity segments for Entrust covering the Europe, Middle East and Africa regions.  Ian has over 25 years of experience in IT Security and PKI solutions, working with a range of government and financial services organizations across the EMEA region. Ian was one of the first employees in Europe for Entrust, joining the company in 1997.  During his career Ian has held a variety of technical and commercial roles, including Director level management positions within sales and professional services functions. Ian holds an BSc Honours in Computer Science from the University of Leeds, UK.
View all of Ian's Posts