Cryptography

Cryptography is the building block of security, used to generate secrets, protect data and secure communications.
But good cryptography evolves with time and processing power.
Monitoring and experimentation are key to staying up to date in this permanent mathematical challenge.

Relying on experienced cryptographers and security consultants, Trusted Labs helps companies make appropriate cryptography and security choices, depending on hardware, software and device characteristics such as processing power, lifetime, memory characteristics and key management. Looking for the appropriate cryptography to embed in your solutions? Contact us.

The role of cryptography in security

Cryptography is known to be the building block of any kind of security, as it protects data at rest, at run time and in transit, making it possible to manage integrity, confidentiality and authentication. Thanks to cryptographic mathematical algorithms, correct memory management and efficient processing, it is possible to generate keys, encrypt data, and compute and verify signatures. The actual implementation of cryptography can be either hardware or software based, but whatever the framework, it has to be trusted and proven. So how can algorithms be trusted and their implementations be appropriate? What makes good cryptography? How can its usage be demonstrated as proven?

Good practices in crypto usage

The normal way to choose cryptography is first to qualify its usage context, listing what is important with respect to available processing power, performance, memory size available for long keys, how dynamic the use case is, and the possibility of distributing and provisioning keys; once those parameters are known, the appropriate cryptographic algorithms can be shortlisted. For example, on the IoT side, symmetric cryptography can be used. For devices with fewer constraints on processing power and memory, asymmetric algorithms can be selected.

 

But the secret to using proper cryptography is that the algorithms on your shortlist, fitting your use case constraints, are standard and tested. This is a mantra the entire industry keeps repeating: do not forge your own cryptography. There are good algorithms around, designed by researchers or security experts, tested and proven. In cryptography, the more an algorithm has been shared, implemented and tested, the better it is. On that matter, the industry considers that NIST remains the reference for assessing algorithm usability, symmetric or asymmetric.

What are the cryptography trends?

Cryptographic development is quite slow: it takes several years to stabilize algorithms and have them proven and tested, so innovation in cryptographic algorithms exists, but on long cycles compared with the short cycles of our digital world. Nevertheless, cryptography is a science, and there is constant progress, with new implementations emerging. It is therefore important to keep an eye on the industry's progress. The topics attracting the industry at the moment are post-quantum cryptography and lightweight cryptography. The first deals with the problem the security industry may face when (if) quantum computers become mature. While there is no accurate date for when that may happen, the cryptography community has already started to work on cryptographic algorithms that would resist the high computing power of those computers.

 

The community meets on a regular basis to converge towards an acceptable new family of algorithms. The second trend deals with lightweight crypto and is driven by the IoT wave. The new types of connected objects are characterized by high interconnection, low processing power and reduced latency expectations. Those new constraints also apply to security operations. Traditional cryptography has mainly been designed for a central or one-to-one exchange mode. New forms of cryptography therefore have to be found to address the constraints brought by new architectures and infrastructure models.

Choosing, evaluating and certifying cryptography

Any piece of software or hardware requiring a security certification will embed some cryptography, as any security measure relies on cryptographic operations. For all security certifications, the cryptography is evaluated as part of the certification process. Choosing appropriate cryptographic algorithms and a robust implementation is one of the key elements enabling certification. So when entering a security market, any company wishing to be certified should get support. At Trusted Labs, we monitor the cryptography ecosystem very closely. Being experienced in design consulting, risk analysis, attacks with known vulnerabilities and pen testing, we can provide recommendations for choosing relevant cryptography for your context, and help you prepare your security certification.