Eviden Digital Security is delighted to announce that their Java Card framework cryptovision ePasslet Suite v4.0 – NXP eDoc Suite v4.0 – has received Common Criteria (CC) EAL5+ certifications on NXP’s JCOP4.5 P71 Java Card platform.
Apart from a wide variety of applications and features supported, cryptovision ePasslet Suite v4.0 on JCOP4.5 P71 features biometric match-on-card methods for fingerprint and face verification covered by Common Criteria certification of the product for Secure Signature Creation Devie (SSCD) configurations allowing use of the biometric methods together with PIN in digital signature creation flows.
cryptovision ePasslet Suite provides applets for various eID document applications, including electronic passports, eIDAS-compliant ID and signature cards, international electronic driver’s licenses, electronic health cards (eHIC), custom national eID cards and more.
In addition, ePasslet Suite can be freely customized through various configuration options. It can evolve to support new use cases and applications while retaining Common Criteria (CC) certification of its certified applications, thereby enabling multi-application cards and documents. It is available in three editions, offering cost-efficient configurations for standard as well as high-end and customized ID document solutions. Samples of the solution are now available on request.
Eviden, the Atos Group business leading in cybersecurity with deep expertise in critical communications, and Westermo one of the leading specialists for industrial data communication, announced their partnership. Together, the two companies seek to develop cutting-edge solutions for secure communication in the industrial and railway environment and are relying on crypto agile OT and IoT devices for this purpose. In times of rapidly changing threat situations and multiple attack vectors, these solutions enable rapid adaptability for operators of critical infrastructures and thus protect investments.
The cooperation between Eviden and Westermo kicks off with a project in Germany in which industrial managed Layer 3 Gigabit switches (Lynx 3510) from Westermo are equipped with Eviden’s pluggable HSMs (Hardware Security Modules) in microSD format. Special crypto-software will be installed on the cards to further secure these switches and prepare them for future cybersecurity scenarios. The crypto-switches ensure the longer lifecycle of the switch platform in terms of investment protection. By relying on replaceable HSMs and thus on crypto-agility, the solution ensures continuous compliance with the highest security requirements.
With this partnership, Eviden demonstrates its extensive expertise in cybersecurity for the Industrial IoT (IIoT) and shows the growing need for crypto agile solutions in the industry.
With IDnomic Sign, Eviden provides a highly secure, high-performance, and flexible electronic signature platform that integrates natively with all components of a trusted infrastructure. The solution addresses the main use cases for electronic signatures: personal signatures, electronic seals, and code signing.
Version 10.4 of IDnomic Sign extends the platform’s functionalities, offering in particular:
Implementation of signature workflows, to orchestrate the signing of a document between the various players in a business procedure,
A dashboard displaying the signature server’s main operating indicators,
Improved, personalized management of signature visuals for PAdES formats.
IDnomic Sign is deployed by a large number of customers in France and abroad, and is used by public authorities, hospitals and companies.
Available as software license or in SaaS mode, IDnomic Sign facilitates online business processes and thus the digital transformation of organizations.
Our experts can help you integrate IDnomic Sign into your information systems and business applications.
The new version 2 of Eviden’s cryptovision TSE has been certified by the German Federal Office for Information Security (BSI).
A TSE (Technical Security Equipment) is a security module for cash registers designed to prevent tax fraud. It ensures that every transaction is logged and digitally signed. Since January 1, 2020, every electronic or computerized cash register in Germany must be equipped with a TSE. From 2024, the TSE obligation will also apply to taximeters. The structure and functionality of a TSE are described in the Technical Guideline TR-03153 (Technical Security Device for Electronic Recording Systems) of the BSI.
The cryptovision TSE is an established TSE implementation from Eviden, version 2 of which has now been certified. It enables retail, catering and cab companies to record their transactions in a legally compliant manner in accordance with legal requirements and BSI specifications.
In ten years, there will be quantum computers that can crack RSA and other crypto algorithms. This is the worst-case assumption of the German Federal Office for Information Security (BSI), which is why there will soon be regulations requiring security-critical IT systems to migrate to post-quantum processes. But how does a company or public authority go about switching to the new algorithms as smoothly as possible? A new “PQC Migration Guide” from Eviden provides the answer. The 16-page guide covers crypto agility, crypto inventories, Mosca’s theorem, and numerous other topics that play a role in post-quantum migration. The “PQC Migration Guide” is available for free download.
This year cryptovision was again present at the RSA conference in San Francisco, one of the world’s most important events for IT security. And of course cryptovision participated again in the traditional evening reception with the German consul. This time, the venue was a club not far from the famous Transamerica Pyramid, hosted by the industry association TeleTrusT. During this ceremony cryptovision received a Common Criteria certificate for the Jacolyn CSP (version 2) from the hands of BSI department head Dr. Günther Welsch. The Jacolyn CSP is a Cryptographic Service Provider (CSP) that can be used as a cryptographic security core for numerous applications, including the cryptovision TSE v2 for cash registers. The architecture of this product is in line with the CSP concept developed by the BSI, which provides for the encapsulation of crypto functions and enables easy integration without specialized cryptographic knowledge. By certifying the Jacolyn CSP, cryptovision strengthens its position as a provider of secure and easy-to-use crypto solutions.
Everything you need to know as a beginner on the subject of post-quantum cryptography, explained in an understandable way on 24 pages, in a German and an English version – this is the concept of the new Atos whitepaper on the subject of post-quantum cryptography. It explains the most important algorithms in a clear manner, avoiding overly complicated mathematics. Since the year 2022 will go down in history as the one in which the standardization of post-quantum cryptography first took concrete shape, this aspect is also highlighted. And finally, the white paper addresses the challenges of the coming years. These include bringing the new methods into the existing chip architectures despite long keys and, in some cases, poorer performance. If you want to know more about these topics, you can download the Atos whitepaper on post-quantum cryptography here.
For more than a year cryptovision has been a part of the Atos family. For all those who want to know how the company has developed during this time, a special issue of the ID Security magazine “The Vault” has now been published. All articles in this magazine were written by Atos employees with cryptovision past. The special issue is available for download free of charge.
An interview with Benjamin Drisch, Senior Vice President Government ID, is not called “From hidden champion to global player” for nothing. In fact, cryptovision has developed from a small specialist into a leading international provider in the Government ID segment under the Atos umbrella. The previous Government-ID service portfolio has been expanded to include PKI solutions, a smart card operating system and hardware security modules (HSMs), while the opportunities for project implementation have increased significantly thanks to numerous new colleagues. And, of course, the globally active Atos sales force ensures that cryptovision now has much better access to its customers.
However, the cryptovision special edition of “The Vault” not only reports on cryptovision itself, but also on some exciting developments in the field of digital identities. Among other things, it is about Non-Fungible Tokens, how they are stolen and how this can be prevented – True Crime once again. Fido tokens and smartcard middleware also come up. Also worth reading is an interview with Holger Roessner, CEO of cryptovision partner Advanide.
Finally, there is something to smile about. Adam Ross, an expert in beer and digital identities, reports on an interesting point of contact between his two areas of expertise. Cryptovision says “Cheers” and hopes you enjoy reading!
Do you know CRYSTALS-Kyber? If not, you will certainly get to know this post-quantum encryption method soon, because it was declared one of four winners from an original 69 candidates by the US standardization authority NIST. The other three winners in this multi-year competition are the CRYSTALS-Dilithium, FALCON and SPHINCS+ post-quantum signature methods.
The background is that the asymmetric crypto methods used so far, including RSA and Diffie-Hellman, can be broken with quantum computers. Although usable quantum computers have so far only existed in science fiction, NIST wanted to respond to the looming threat at an early stage and therefore organized a competition in which methods considered to be quantum-safe were to be evaluated and some standardized at the end.
Experience shows that other standardization bodies around the world are adopting NIST’s crypto standards. The announcement of the first four winners – with a few more to follow – is therefore tantamount to a go-ahead, because after years of uncertainty, it is now foreseeable which post-quantum methods will prevail in practice. Crypto vendors around the world will now have to implement these methods, universities will have to change their curricula.
It won’t be easy for crypto enthusiasts, however, because there is higher mathematics behind post-quantum cryptography. While SPHINX+ is based on the comparatively easy-to-understand principle of one-way functions, CRYSTALS-Kyber, CRYSTALS-Dilithium and FALCON are mathematically much more sophisticated. All three belong to the so-called lattice methods and therefore require arithmetic operations in multi-hundred-dimensional lattices – not exactly what the average person learned in school.
Of course, the new post-quantum methods are now also on the roadmap at cryptovision and its parent company Atos. Cryptovision will also continue to dedicate itself to the task of explaining post-quantum cryptography clearly, be it through the popular cryptovision post-quantum whitepaper or comic-style conference presentations. The age of post-quantum cryptography can come, cryptovision and Atos are prepared.
Already for the tenth time cryptovision invited to Mindshare. After two years of Corona break, the two-day congress fair was awaited with particular excitement, and those who came to Gelsenkirchen were once again not disappointed.
In four tracks there were top-class presentations to follow, plus keynotes, live hacking, tutorials and panel discussions. In addition to the latest developments on eID, Internet of Things and email encryption, post-quantum cryptography and user-friendly security solutions were also discussed. Of course, cryptovision also provided information about its strategy following the acquisition by Atos, which offers fascinating new opportunities for customers of both companies.
For the first time, cryptovision also presented a Crypto Cave, where a real Enigma as well as other encryption machines could be marveled at. The Crypto Museum in Eindhoven provided these rare exhibits.
And of course the Mindshare wouldn’t be the Mindshare without the great Cryptonite party on the evening of the first conference day. Besides buffet, bar, live music and photo ball, fireworks were not to be missed.In this pleasant atmosphere there was ample opportunity for exchange of ideas and networking, which 450 participants did not miss.
For all those who missed the Mindshare and for all visitors who want to review the two days, cryptovision has published a video. In a good minute it faithfully reproduces the great Mindshare atmosphere:
Necessary cookies are essential for the proper functioning of the website. This category only contains cookies that guarantee basic functions and security features of the website. These cookies do not store personal information. The necessary cookies also include the Polylang cookie, which is used to remember the language that the user selected when visiting the website again.