There is growing concern regarding the role that encryption on personal devices might play in the future of law enforcement activities. Strong encryption, which uses large keys that are controversially hard to crack, has caused complaints in recent years as manufacturers such as Apple and Google increasingly add these features to their devices. What these companies have done is not new technology, but the broader application of existing public-private key encryption in a way that’s easy to use for the average consumer.

Key encryption managers have very clear differences from Hardware Security Modules (HSMs.)  The main differences reside in how the HSM encryption keys can be used by a Key Manager or HSM.  There are other more important differentiators, however, let’s start with how encryption key managers leverage open standards, like the Key Management Interoperability Protocol (KMIP), and what exactly an HSM is.

Is RSA really less than a week away? It feels like just a few short months ago that the team at Fornetix was lamenting the fact that we'd have to wait until mid-April for the one event we all look forward to year-after-year.

The Fornetix team wants to congratulate Kian Bradley, client developer, after he earned first place in the cryptocurrency capture the flag (C3TF) at this year’s BSidesNoVA hacking conference. The competition focused on real world challenges related to crypto currencies such as smart contract exploits, forensics, wallet exploits, and more issues unique to this growing industry.

When considering automotive IoT, it’s logical to focus on the supply chain that makes the car possible. In reviewing the application of key management to the automotive IoT landscape, it becomes apparent that the provenance of car components, from tires to telematics, is absolutely critical. Any poorly-built component can cause a systemic failure of the vehicle delivered to the consumer. When one typically thinks of applying encryption, it is focused on protecting the confidentiality of data at rest, in motion, or even while being processed. However, what about measuring whether the data should be trusted instead how whether it needs to be protected?