Entropy
Corsec covers all relevant information on the topic of Entropy and how it can affect your security certification objectives – like testing, Random Number Generation (RNG), requirements hardening, and cryptography.
Fed Roundup: March 2022
Fed Roundup: February 2022
2019 FIPS Implementation Guidance Updates
Corsec Collaborates with NIAP on Labgram #106
In September, Corsec uncovered a policy change that would affect a number of Common Criteria evaluations following this NIAP announcement: “Per published NIST notifications, all non-56B-compliant key transport schemes will be disallowed in the U.S. government …
Entropy Testing: Tips for Meeting Requirements
In the second post of our two-part series, we continue our discussion with panelists from Computer Sciences Corporation: Lachlan Turner, Jason Cunningham, and Maureen Barry. Continuing where we left off with last week’s post, we’ll dive deeper into entropy and answer some of the many questions now arising…
Entropy for FIPS and Common Criteria: What Is It?
In the world of cryptography, data is only safe as long as the keys used to protect that data are kept secure. While, on one hand, this means that keys must be protected against unauthorized access, it also means that keys must be created in a way that makes them difficult for an attacker to guess. To produce cryptographically strong…
The Last Details on ICMC 2013 and What to Look for Next Year
Is it too late to talk about the International Cryptographic Modules Conference (ICMC)? Well, it really depends on how you look at it. If you were looking for a timely recap of the conference, then yes, I guess it is. But if you missed any of the details, this might be your last chance to catch up. And planning has just begun for next year’s conference…
But the Rules are Changing!
According to the ancient Greek philosopher Heraclitus, “There is nothing permanent except change.” As anyone following security certifications lately can tell you, there is a lot of truth in this statement. We have entered another …