US standards body NIST announces four winners in post-quantum competition

US standards body NIST announces four winners in post-quantum competition

Do you know CRYSTALS-Kyber? If not, you will certainly get to know this post-quantum encryption method soon, because it was declared one of four winners from an original 69 candidates by the US standardization authority NIST. The other three winners in this multi-year competition are the CRYSTALS-Dilithium, FALCON and SPHINCS+ post-quantum signature methods.

The background is that the asymmetric crypto methods used so far, including RSA and Diffie-Hellman, can be broken with quantum computers. Although usable quantum computers have so far only existed in science fiction, NIST wanted to respond to the looming threat at an early stage and therefore organized a competition in which methods considered to be quantum-safe were to be evaluated and some standardized at the end.

Experience shows that other standardization bodies around the world are adopting NIST’s crypto standards. The announcement of the first four winners – with a few more to follow – is therefore tantamount to a go-ahead, because after years of uncertainty, it is now foreseeable which post-quantum methods will prevail in practice. Crypto vendors around the world will now have to implement these methods, universities will have to change their curricula.

It won’t be easy for crypto enthusiasts, however, because there is higher mathematics behind post-quantum cryptography. While SPHINX+ is based on the comparatively easy-to-understand principle of one-way functions, CRYSTALS-Kyber, CRYSTALS-Dilithium and FALCON are mathematically much more sophisticated. All three belong to the so-called lattice methods and therefore require arithmetic operations in multi-hundred-dimensional lattices – not exactly what the average person learned in school.

Of course, the new post-quantum methods are now also on the roadmap at cryptovision and its parent company Atos. Cryptovision will also continue to dedicate itself to the task of explaining post-quantum cryptography clearly, be it through the popular cryptovision post-quantum whitepaper or comic-style conference presentations. The age of post-quantum cryptography can come, cryptovision and Atos are prepared.

NIST website about the competition: https://csrc.nist.gov/Projects/Post-Quantum-Cryptography

 

Mindshare 2022 video: Two great days in 70 seconds

Mindshare 2022 video: Two great days in 70 seconds

Already for the tenth time cryptovision invited to Mindshare. After two years of Corona break, the two-day congress fair was awaited with particular excitement, and those who came to Gelsenkirchen were once again not disappointed.

In four tracks there were top-class presentations to follow, plus keynotes, live hacking, tutorials and panel discussions. In addition to the latest developments on eID, Internet of Things and email encryption, post-quantum cryptography and user-friendly security solutions were also discussed. Of course, cryptovision also provided information about its strategy following the acquisition by Atos, which offers fascinating new opportunities for customers of both companies.

For the first time, cryptovision also presented a Crypto Cave, where a real Enigma as well as other encryption machines could be marveled at. The Crypto Museum in Eindhoven provided these rare exhibits.

And of course the Mindshare wouldn’t be the Mindshare without the great Cryptonite party on the evening of the first conference day. Besides buffet, bar, live music and photo ball, fireworks were not to be missed.In this pleasant atmosphere there was ample opportunity for exchange of ideas and networking, which 450 participants did not miss.

For all those who missed the Mindshare and for all visitors who want to review the two days, cryptovision has published a video. In a good minute it faithfully reproduces the great Mindshare atmosphere:

 

Mindshare website: https://www.cryptovision.com/en/mindshare-2022/

 

New GreenShield version receives BSI approval

New GreenShield version receives BSI approval

The current version of the GreenShield security software has received formal approval from the German Federal Office for Information Security (BSI) for processing classified information up to VS-NfD. It was already known at the beginning of February, at the BSI IT Security Congress, that the new GreenShield version had successfully passed the technical evaluation at the BSI and that only the so-called “co-signing” had to be granted. GreenShield supports both common standards – S/MIME and OpenPGP – and is characterized by very high user-friendliness, a decisive factor for authorities and the secrecy-conscious economy.  With the current approval, GreenShield follows two previous versions, all of which also have VS-NfD approval. For the first time, GreenShield receives both an approval with support for various smart cards (TCOS, CardOS, JCOP, etc) and an approval recommendation for use without a smart card. This makes GreenShield the solution of choice for anyone who wants to encrypt at a high level of security and/or replace the Chiasmus encryption program, whose VS-NfD approval expires at the end of June. GreenShield website: https://www.cryptovision.com/en/products/secure-encryption/greenshield/  
cryptovision’s ePasslet Suite on NXP passes 100 million mark

cryptovision’s ePasslet Suite on NXP passes 100 million mark

It is a collaboration that pays off for all parties involved: At the end of 2021, NXP has sold the hundred millionth chip with a license of cryptovision’s ePasslet Suite product.

The ePasslet Suite is a Java card framework for electronic ID documents. From electronic ID cards to electronic passports and signature cards, it can be used to quickly and easily implement almost any electronic identity document. The product is used in more than 30 projects in over 25 countries around the world.

cryptovision and the semiconductor manufacturer NXP® Semiconductors have been working together since 2010 to provide customers around the world with a secure platform for identity documents. The ePasslet suite framework is most commonly used on NXP’s Java Card operating system JCOP®. In addition, NXP offers the ePasslet Suite (under the name eDoc Suite) in its own product portfolio. Meanwhile, customers in Armenia, Ecuador, Ghana, Moldova, Nigeria, Rwanda, Sierra Leone, Uzbekistan and other countries are using this solution – as the number of licenses shows, with great success.

“The fact that we have now exceeded the 100 million mark with NXP proves on the one hand the high quality of the ePasslet Suite,” reports Rüdiger Horn of cryptovision. “On the other hand, the cooperation with NXP, its smart card chips and the Java card operating system JCOP is ideal to offer customers a proven platform for cryptovision’s ePasslet Suite.” Meanwhile, development continues: the new ePasslet Suite 4.0 version for JCOP 4.5, which has several new features, is expected to be available by the end of 2022.

ePasslet Suite web site: https://www.cryptovision.com/en/products/secure-id-applications/epasslet-suite/

 

Chiasmus replacement with GreenShield attracts great interest

Chiasmus replacement with GreenShield attracts great interest

cryptovision will be represented with two presentations at the renowned BSI congress next week. In both presentations GreenShield, cryptovision’s innovative email and file encryption solution, plays a central role. This is no coincidence, as GreenShield is currently in great demand.

In particular, Greenshield can be used to replace the encryption software Chiasmus, which has been in use for two decades. Its approval for data classified as VS-NfD was originally due to expire at the end of 2021, but the German Federal Office for Information Security (BSI) has now extended the deadline for the last time by six months.

According to the BSI’s replacement guide, there are only two products approved as Chiasmus successors in the VS-NfD environment – GreenShield is one of them. GreenShield supports S/MIME and PGP, both common standards for email encryption and signing. Both formats can also be used for files. When implementing this feature, the cryptovision developers placed great emphasis on user-friendliness. With success: Encryption or decryption requires – if at all – only a few mouse clicks, whereby the user does not have to deal with the two different standards and does not even have to know that they exist at all. If you want to know more about GreenShield’s sophisticated S/MIME-PGP integration, you can listen to the first of two cryptovision presentations at the BSI Congress on February 1 at 13:40. The speaker for this presentation, entitled “Processing PGP and S/MIME together”, is Dr. Matthias Edelhoff. Participation in the congress is free of charge.

Meanwhile, the introduction of GreenShield with automatic certificate management has started at a federal authority. This project is the topic of the second cryptovision presentation at the BSI Congress, which will also be held on February 1, at 14:05 – directly following the first one. The speaker is Martin Peeckhaus. Title of the presentation: “Email Security in an Environment with and without VS Requirements – A Case Study”.

GreenShield website: https://www.cryptovision.com/en/products/secure-encryption/greenshield/