Eviden presentation on post-quantum migration at the MCTTP in Munich

Eviden presentation on post-quantum migration at the MCTTP in Munich

How can an organization migrate to post-quantum cryptography as smoothly as possible? At the MCTTP conference in Munich, Simon Ulmer and Klaus Schmeh from Eviden Digital Identity provided answers in an unusual way. Their presentation in science fiction design was one of the highlights of the event, which took place on September 18 and 19. The audience learned that, among other things, a crypto inventory and a risk assessment are necessary for a proper migration. The transition to post-quantum cryptography for smartcards and embedded systems will be particularly challenging.

Just one week after Mindshare Simon and Klaus showed once again that presentations by Eviden Digital Identity are pretty much anything but boring.

MCTTP website: https://www.mcttp.de/

 

Three post-quantum algorithms are now official US standards

Three post-quantum algorithms are now official US standards

The U.S. National Institute of Standards and Technology (NIST) has officially designated three post-quantum cryptographic algorithms as national standards. These algorithms emerged as the top choices from a years-long global competition, with the winners initially announced in 2022. This decision represents a significant milestone toward ensuring security in the quantum era. Although NIST standards are technically binding only in the United States, they are likely to influence other countries, with key bodies like Germany’s Federal Office for Information Security (BSI) and France’s Agence Nationale de la Sécurité des Systèmes d’Information (ANSSI) already expressing their support.

Along with standardization, NIST has introduced new names for the algorithms. CRYSTALS-Kyber will now be known as “ML-KEM” and assigned the identifier FIPS 203. Similarly, CRYSTALS-Dilithium has been renamed “ML-DSA” (FIPS 204), while SPHINCS+ will be called “SLH-DSA” (FIPS 205).

Eviden Digital Identity welcomes this significant advancement. With its crypto-agile product portfolio, which includes the cryptovision GreenShield email and file encryption solution and the IDnomic PKI solution, the company is well-positioned to support the new cryptographic methods. The three post-quantum algorithms in question have already undergone internal testing since 2022. With the recent standardization, these methods can now be implemented in a future-proof and interoperable manner.

However, the standardization process for post-quantum cryptography is far from complete. FALCON, another winner from the initial algorithm competition, is expected to be officially standardized this year under the name “FN-DSA” with the designation FIPS 206. Additionally, NIST is currently conducting another competition focused exclusively on digital signature methods, with the winners expected to be standardized in the coming years.

NIST web page on post-quantum cryptography: https://csrc.nist.gov/projects/post-quantum-cryptography

 

Klaus Schmeh from Eviden presents at the world’s largest hacker conference

Klaus Schmeh from Eviden presents at the world’s largest hacker conference

With 30,000 participants, DEF CON in Las Vegas is the largest hacker conference in the world. At this year’s edition (August 8-11), Klaus Schmeh, crypto specialist from Eviden Digital Identity, was represented with two presentations. His presentations, which he gave together with US crypto expert Elonka Dunin, focused on cracking various encryption methods and software programs that can be used for this purpose. Around 500 people attended each of the two presentations and, as always, Klaus Schmeh and his co-speaker’s vivid presentation style was extremely well received.

In the two days before DEF CON, the BSides conference also took place in Las Vegas, which addresses a similar target group, but is less commercially oriented and much smaller with 2000 participants. Klaus Schmeh and Elonka Dunin also gave a presentation at BSides. It was about modern computer algorithms that can be used to solve historically significant encryptions. Around 200 spectators watched the presentation, which featured numerous animations, and were captivated by the fascination of code-breaking.

Website of DEF CON: https://defcon.org/html/defcon-32/dc-32-index.html

 

Eviden presents encryption in rail transport at the BSI Congress in Germany

Eviden presents encryption in rail transport at the BSI Congress in Germany

Gunnar Preißler (Eviden Mission Critical Systems) and Klaus Schmeh (Eviden Digital Identity) will be presenting a solution for cryptographically securing communications in the rail sector at this year’s German IT Security Congress. This is a hardware component developed by Eviden in collaboration with Swedish supplier Westermo. The solution comprises a robust network device into which a security module in µSD format is integrated. This module performs the cryptographic functions and stores the keys. The security module can be replaced if necessary, without having to replace the entire component. Crypto-agility is thus assured.

The German IT Security Conference is organized by the Federal Office for Information Technology Security (BSI), and will take place this year on May 7 and 8 as an online event. Several thousand participants are expected. Gunnar Preißler and Klaus Schmeh will present on the first day at 11 a.m., just after the BSI keynote speeches. They are already looking forward to welcoming a large number of interested spectators.

German IT Security Congress website: https://www.bsi.bund.de/DE/Service-Navi/Veranstaltungen

 

Eviden Digital Identity at ID4Africa

Eviden Digital Identity at ID4Africa

More than 2000 participants and over 100 exhibitors from all over the world will be present when ID4Africa opens its doors for the eighth time from May 21 to 24. The venue for this year’s edition is Cape Town in South Africa. ID4Africa is regarded as the most important forum for electronic ID cards and digital identities in Africa – a continent with well over a billion people who need secure digital access to the Internet, public authorities and banks.

As in previous years, Eviden Digital Identity – with the brands cryptovision and Idnomic – will be represented at ID4Africa with a stand (B16). Visitors will be able to find out about Eviden Digital Identity’s Citizen ID product portfolio, which has grown significantly in recent years. In addition to the eID-PKI solutions, this includes the eID middleware cryptovision SCinterface, the Java card framework cryptovision ePasslet Suite and much more. All of these solutions have been used for years in numerous African and other countries and have proven themselves in practice. Find out more at ID4Africa 2024.

ID4Africa 2024 website: https://id4africaevents.com/2024/conference/

 

Silicon Trust’s post-quantum seminar: videos and slides now online

Silicon Trust’s post-quantum seminar: videos and slides now online

Over 100 participants attended Silicon Trust’s online seminar “Post Quantum Cryptography – The Impact on Identity” on April 10. The speakers included Klaus Schmeh from Eviden Digital Identity, who spoke about the implementation of post-quantum cryptography on smartcards – an important topic, as current smartcard architectures are not designed for post-quantum crypto processes. Moderator Steve Atkins praised Schmeh’s “unique presentation style” in the announcement and was not disappointed. The long-time Eviden and cryptovision employee offered edutainment at the highest level – with slides in comic design, numerous animations and first-hand information. If you missed the seminar, you can watch the lectures and presentation slides online. The links can be found on the seminar website.

Seminar website: https://silicontrust.org/new-seminar-post-quantum-cryptography-the-impact-on-identity/

 

cryptovision GreenShield now with preview module for post-quantum cryptography

cryptovision GreenShield now with preview module for post-quantum cryptography

There is now an innovative extension for the cryptovision GreenShield email encryption software: a preview module for post-quantum cryptography. This enables PQC and composite signatures as well as PQC encryption with the CRYSTALS-Dilithium and CRYSTALS-Kyber algorithms, based on self-signed certificates. Both cryptovision GreenShield Mail and cryptovision GreenShield File support the new functions.

With the new feature, cryptovision GreenShield users can already evaluate post-quantum procedures today. Interested parties can be accompanied by Eviden Digital Identity during an evaluation.

Anyone interested can find out more at Omnisecure from January 22 to 24 in Berlin. A team from Eviden Digital Identity will be on site, so feel free to talk to us, for example during the two presentations we will be giving at this event.

Website for cryptovision GreenShield: https://www.cryptovision.com/en/products/security-applications/greenshield/

 

Cryptonite 2023: Party and networking above the rooftops of Paris

Cryptonite 2023: Party and networking above the rooftops of Paris

This year’s TRUSTECH congress trade fair in Paris attracted over 6500 participants and 200 exhibitors to the Expo Center at the Porte de Versailles. Eviden Digital Identity was there again. On November 29, Klaus Schmeh gave a highly acclaimed presentation on post-quantum cryptography, and on the evening of the same day, Eviden Digital Identity hosted the famous Cryptonite party. High above the rooftops of Paris, over 120 hand-picked guests enjoyed wine and French specialties against a fascinating backdrop. The following video gives some impressions of this extraordinary event:

 

cryptovision ePasslet Suite v4.0 has received Common Criteria (CC) EAL5+ certifications

cryptovision ePasslet Suite v4.0 has received Common Criteria (CC) EAL5+ certifications

Eviden Digital Security is delighted to announce that their Java Card framework cryptovision ePasslet Suite v4.0 – NXP eDoc Suite v4.0 – has received Common Criteria (CC) EAL5+ certifications on NXP’s JCOP4.5 P71 Java Card platform.

Apart from a wide variety of applications and features supported, cryptovision ePasslet Suite v4.0 on JCOP4.5 P71 features biometric match-on-card methods for fingerprint and face verification covered by Common Criteria certification of the product for Secure Signature Creation Devie (SSCD) configurations allowing use of the biometric methods together with PIN in digital signature creation flows.

cryptovision ePasslet Suite provides applets for various eID document applications, including electronic passports, eIDAS-compliant ID and signature cards, international electronic driver’s licenses, electronic health cards (eHIC), custom national eID cards and more.

In addition, ePasslet Suite can be freely customized through various configuration options. It can evolve to support new use cases and applications while retaining Common Criteria (CC) certification of its certified applications, thereby enabling multi-application cards and documents.  It is available in three editions, offering cost-efficient configurations for standard as well as high-end and customized ID document solutions. Samples of the solution are now available on request.

cryptovision ePasslet Suite website: https://www.cryptovision.com/en/products/secure-id-applications/epasslet-suite/