CAVP, FIPS, and Securing Cryptography Systems

digital key image

Most security standards, including government standards, require cryptography. We are generally familiar with implementing a cryptographic algorithm that meets these requirements and calling it a day. However, to ensure security, NIST also publishes standards for validating encryption modules to ensure they serve their purpose under federal standards. 

Here, we’re discussing the Cryptographic Algorithm Validation Program and its relationship to closely related standards and programs, such as Federal Information Processing Standards and the National Voluntary Laboratory Accreditation Program. 

 

Read More

What Is Advanced Encryption Standard (AES), and How Is it Related to NIST?

Advanced Encryption Standard featured

Our digital age is rooted in the exchange of data, and therefore security of that data. Obfuscation, or encryption, has served as the backbone of that security for decades. As threats have evolved and attackers have found new and more sophisticated ways to break encryptions, it has been up to experts to provide solutions. In the year 2000, the solution was the Advanced Encryption Standard, or AES, which replaced aging encryption methods.

 

Read More

Post-Quantum Cryptography and the Quantum Computing Cybersecurity Preparedness Act

quantum computing featured

Quantum computing has long been a theoretical idea with limited practical application. The only usable quantum computers were only available to cutting-edge researchers supported by massive corporations or government-funded universities. 

As time has passed, however, these researchers have begun to make massive strides in making quantum computing realizable in a way that could impact modern technology. While these developments have been met with significant excitement… but this excitement is somewhat muted. Instead, many security experts are worried that they will fundamentally undermine the foundation of cybersecurity–encryption. 

To address this potential threat, Congress and the President have passed the Quantum Computing Cybersecurity Readiness Act, which dictates that agencies must consider adopting post-quantum encryption to maintain compliance.

 

Read More