Cryptovision presents two lectures at the German IT Security Congress

Cryptovision presents two lectures at the German IT Security Congress

The German IT Security Congress, hosted by the Federal Office for Information Security (BSI), has been an important industry gathering for decades. The lecture slots are highly coveted and are awarded by a high-ranking committee via anonymous peer reviews.

This year, cryptovision has managed to place two presentations in this top-class program: On February 1 at 13:40 Dr. Matthias Edelhoff will talk about ” Processing PGP and S/MIME together”. This will be directly followed by Martin Peeckhaus at 2:05 p.m. with the topic “E-mail security in an environment with and without VS requirements”. The complete congress program is available on the BSI website.

The event, also known as the “BSI Congress”, used to take place every two years. Due to the ever-increasing importance of this gathering, the BSI has now switched to an annual rotation. Unfortunately, the Corona pandemic prevents this year’s edition from being held in the usual form as a face-to-face event. Instead, participants can expect a virtual congress. Participation is free of charge.

The trade fair accompanying the congress will also be held virtually this year. Cryptovision will again be present with a booth. An overview of the exhibitors will soon be available on the BSI website. We are looking forward to your visit!

Website of the German IT Security Congress

 

Cryptonite in Paris: Party and networking on the Seine

Cryptonite in Paris: Party and networking on the Seine

After last year’s Trustech in Cannes had fallen victim to the pandemic, it celebrated a comeback in the heart of Paris. cryptovision was also on site and – true to tradition – invited selected customers and partners to the famous Cryptonite party on the evening of December 1st. During a night cruise on the Seine, 100 hand-picked guests enjoyed champagne and petits fours in front of a fascinating backdrop. Participants came from Europe, Africa, North and South America. For the first time, they were also able to exchange ideas with top managers from the new cryptovision owner Atos.

The following video gives some impressions of this extraordinary event:

 

Trade fairs and conferences in which cryptovision participates: https://cryptovision.com/en/events/

 

cryptovision customer Ghana is included in the ICAO public key directory

cryptovision customer Ghana is included in the ICAO public key directory

The African country Ghana has now been accepted into the ICAO Public Key Directory. Ghana has become the 79th nation listed. cryptovision has played a major role in the preparation of this achievement, providing both software solutions and consulting.

Since 2011, the International Civil Aviation Organization (ICAO) has been operating a database for which each authorized state provides a cryptographic key: the ICAO Public Key Directory (PKD). With the keys in this database, forged electronic identity documents can be easily detected. However, inclusion in the ICAO PKD is subject to strict conditions. In particular, the production and issuance of identity documents in the country concerned must meet high security requirements.

After Ghana fulfilled all these requirements, the ICAO included the country’s key in their PKD in mid-October. cryptovision is especially proud of this, as the Gelsenkirchen-based company has built the cryptographic infrastructure for the Ghanaian identity document (Ghana Card). For instance, the authority issuing digital certificates for the Ghana Card is operated with the cryptovision product CAmelot.

cryptovision’s client in Ghana is a public-private partnership consisting of the residents authority NIA and the Margins Group. Members of these two organizations will attend their first ICAO PKD Board meeting in Amsterdam from October 27-28.

cryptovision has been active in Africa for more than ten years and has carried out numerous projects there in the field of electronic identity documents. The inclusion of Ghana into the ICAO Public Key Directory shows again that cryptovision can build complex cryptographic solutions that meet stringent regulatory requirements.

List of PKD participants: https://www.icao.int/Security/FAL/PKD/Pages/ICAO-PKDParticipants.aspx

This text has been corrected. In the original text the term “ePassport” was used when the correct description is “electronic identity document”.

 

GreenShield version 1.2.3 receives VS-NfD approval

GreenShield version 1.2.3 receives VS-NfD approval

The countdown is on! On December 31, 2021, the VS-NfD approval of the widely used encryption software Chiasmus will end. If you are still looking for a successor solution, GreenShield from cryptovision is the first choice. With GreenShield you can encrypt both emails and files in a VS-NfD compliant manner – easier and more user-friendly than was ever possible with Chiasmus.

Unlike Chiasmus, which runs as standalone software, GreenShield is implemented as an add-in for Microsoft Outlook, HCL Notes and Windows. It integrates seamlessly with the user’s email program or operating system, making it particularly intuitive and easy to use. Handling passwords is more convenient than with Chiasmus, as the user does not need to obtain or create a key file for this purpose. Smartcards or tokens can be used for asymmetric encryption.

Since a few days the new GreenShield version 1.2.3 is VS-NfD approved (BSI-VSA-10600). With this version, among others, the smartcards Atos CardOS DI 5.4 QES, G&D SmartCafé Expert 7 with ePassletSuite 3.0 as well as Telesec TCOS 4.0 can now be used in approved operation. As cryptovision always attaches great importance to usability, the developers have also further improved the user guidance of GreenShield and made it even more intuitive. For example, the user now receives practical support if GreenShield is unable to assign a suitable recipient key – even though this rarely occurs. Chiasmus detachment is made even more convenient by these innovations.

Are you interested in replacing Chiasmus with GreenShield? Then contact us. Government agencies can also order GreenShield directly through the Kaufhaus des Bundes (RV# 21230).

Replace chiasmus with GreenShield (German): https://www.cryptovision.com/de/produkte/sichere-verschluesselung/greenshield/

cryptovision employee Klaus Schmeh gives lecture at TeleTrusT Signaturtag

cryptovision employee Klaus Schmeh gives lecture at TeleTrusT Signaturtag

The Corona break was long, but since autumn 2021 trade fairs and congresses have been held again in the computer industry. Also cryptovision is happy about this piece of regained normality. Last week cryptovision employee Klaus Schmeh took the opportunity and made his way to Berlin for a lecture. At the Signaturtag, organized by TeleTrusT and VOI, he gave a presentation on the topic “The three most important post-quantum signature procedures explained clearly”.

Schmeh’s goal of making the subject of post-quantum cryptography understandable to laypersons is no easy task, because the various procedures are mathematically extremely demanding. In the meantime, it has become clear which of the many dozens of post-quantum methods will prevail in practice. Among the favorites are also five signature methods that have already been standardized or have reached the final round in the post-quantum competition of the U.S. authority NIST. Schmeh presented three of these algorithms in his talk.

For his presentation, the long-time cryptovision employee used, as usual, his original slides in cartoon design and vivid analogies from everyday life. Even listeners without a mathematics or computer science degree got an idea of how CRYSTALS-DILITHIUM, Rainbow or extended Merkle signatures work.

After the successful start, the trade fair and congress autumn continues for cryptovision. From October 12 to 14, it-sa in Nuremberg is on the agenda.

cryptovision-Whitepaper zur Post-Quanten-Kryptografie: https://www.cryptovision.com/wp-content/uploads/2021/04/Whitepaper_Post_Quantum_Kryptografie_210421.pdf

 

GreenShield e-mail security software convinces BWI for the German Armed Forces

The IT system house of the German Armed Forces, BWI, has concluded a contract with cv cryptovision GmbH for the use of the GreenShield e-mail security software. Based on a corporate license, more than 160,000 communication subscribers will be successively equipped with the security software for e-mail encryption and digital signature. Cryptovision has been supplying the Bundeswehr with email security software for the electronic processing of classified information up to the classification level “VS-Nur den Dienstgebrauch” (VS-NfD) since 2004.

GreenShield protects e-mails and files on the basis of end-to-end encryption and enables the recipient to verify the integrity of the content and the sender by means of digital signatures. A decisive unique selling point is the interoperability of the cryptovision solution: GreenShield is the only email encryption solution for IBM / HCL Notes on the German market that has been approved by the German Federal Office for Information Security (BSI). The solution’s multi-client capability is also unique: it supports both Outlook and Notes on the same device. Thus, GreenShield enables a smooth migration from Notes to Outlook.

The encryption of files and e-mails is done with just a few clicks and intuitively for the user in the familiar environment of his e-mail program. The GreenShield plug-in integrates seamlessly into the email program as an additional layer of security and offers both users and administrators many additional convenience features.

 

cryptovision product GreenShield included in NATO catalog

cryptovision product GreenShield included in NATO catalog

In NATO jargon, information security is referred to as “Information Assurance” (IA), and it is not surprising that the military alliance places great emphasis on this topic. Members of the organization are only allowed to use IA solutions that are specifically approved for NATO. Which products have cleared the high approval hurdles can be found in the “NATO Information Assurance Product Catalogue” (NIAPC), which is available online. Since last week, NATO has also listed GreenShield from cryptovision there.

GreenShield is one of the few encryption solutions approved in Germany for information classified “Verschlusssache – Nur für den Dienstgebrauch” (VS-NfD). This applies to both email encryption with GreenShield Mail and file encryption with GreenShield File. Both versions also have the “NATO RESTRICTED” (NR) approval.

By receiving NR approval, GreenShield also qualified for the NATO product catalog. GreenShield Mail and GreenShield File are listed with two separate entries, including screenshots and brochures.

cryptovision is well known in the exclusive NATO catalog. The predecessor product s/mail has been there for years, it also has the necessary NR approval.

GreenShield product page: https://www.cryptovision.com/en/products/secure-encryption/greenshield/

 

223 billion euros in damage caused by cyberattacks on German companies

223 billion euros in damage caused by cyberattacks on German companies

The damage caused by cyber attacks on German companies is increasing at an alarming rate. While it was still 103 billion euros per year in 2018/2019, the German economy already had to accept 223 billion in damage from digital attacks in 2020/21. This is the result of a representative study by the digital association Bitkom, for which more than 1,000 companies across all industries were surveyed.

According to the study, ransomware attacks are particularly frequent and dangerous. The criminals now not only threaten to destroy the affected data if the victim does not pay. Rather, it is also popular to publish the data if the ransom is refused – for many companies, this is an even bigger nightmare than data loss. In addition to ransomware, other forms of cybercrime are booming, including cyber espionage and data theft.

The Bitkom study makes it clear once again that every company should encrypt important files and e-mails. Because as soon as information is reliably encrypted, it becomes virtually worthless to cyber spies and data thieves. The ransomware threat to publish the stolen data if the ransom is not paid also comes to nothing if the data is encrypted.

The frightening increase in cyber attacks is one more reason to choose cryptovision’s GreenShield software. GreenShield offers both email and file encryption at the highest level. The product can look back on a 15-year development history, during which cryptovision has always placed great emphasis on user-friendliness. The two formats S/MIME and PGP are equally supported. GreenShield is therefore extremely easy and intuitive to use. Furthermore, GreenShield is one of the very few encryption solutions that have been approved by the German Federal Office for Information Security (BSI) for data of the security level “Classified Information – For Official Use Only” (VS-NfD). This approval proves that the product meets the highest security requirements. NATO also lists GreenShield File and GreenShield Mail on its website.

It is not only the Bitkom study that shows that IT security measures are becoming increasingly important. A look at the GreenShield website is therefore worthwhile.

GreenShield website: https://www.cryptovision.com/en/products/secure-encryption/greenshield/

 

GreenShield: Now available in the Kaufhaus des Bundes

GreenShield: Now available in the Kaufhaus des Bundes

cryptovision has concluded a framework agreement with the procurement office of the Federal Ministry of the Interior (BMI). Through this agreement, authorities and federal institutions can purchase the cryptovision software GreenShield in the future via the Kaufhaus des Bundes (KdB) – directly and uncomplicatedly .

Founded in 2003, the Kaufhaus des Bundes is the online ordering platform for German authorities and federal institutions. cryptovision’s GreenShield will be available there under contract number 21230. The offer also includes accompanying services for the implementation, operation and support of the software.

GreenShield protects e-mails and files in a user-friendly way against manipulation and uninvited readers. State-of-the-art cryptography is used for this purpose. For e-mails, GreenShield offers end-to-end security. As a plug-in for Outlook and Notes, GreenShield integrates seamlessly into the respective e-mail program as an additional security layer. Users can sign and encrypt in their familiar environment with just a few intuitive mouse clicks. In addition, there are numerous convenience features that make life easier for users and administrators.

GreenShield is one of the few solutions of its kind to be approved by the German Federal Office for Information Security (BSI) for processing classified information with classification level “Verschlusssache – Nur für den Dienstgebrauch” (VS-NfD).

Markus Hoffmeister, managing director of cryptovision, is pleased about the conclusion of the contract: “Protected e-mail communication of authorities and companies is subject to special legal requirements. We have therefore developed a highly secure end-to-end solution for e-mails which, thanks to the BSI approval, allows authorities and companies to comply with the requirements up to VS-NfD and at the same time offers users considerably more convenience than conventional solutions,” says Hoffmeister.  “We are very pleased that we were able to convince the BMI procurement office with GreenShield.”

Cryptovision has many years of experience in developing user-friendly security solutions for public authorities and companies. In cooperation with certification and IT security authorities, numerous products have already been created that are approved for processing information up to the classification levels VS-NfD, NATO- and EU-restricted.

cryptovision’s solutions are widely used in public administration, in the military and in the classified economy. In addition, they are used by organizations that rely on high security standards when processing their data. These include banks, insurance companies, industrial enterprises and operators of critical infrastructures (KRITIS).

Protecting confidential data for the future: Whitepaper explains post-quantum cryptography

Protecting confidential data for the future: Whitepaper explains post-quantum cryptography

Do you know lattice-based cryptographic methods? Or multivariate signatures? If not, then you should look into them, because these and a few other methods are currently on the rise. They belong to the so-called “post-quantum cryptography”. This term covers those crypto methods that protect against the great sword of Damocles that currently threatens cryptology: quantum computers.

A quantum computer uses the effects of quantum physics and thus functions completely differently than a conventional computer. A mature quantum computer could decrypt almost all asymmetric crypto methods currently in use with little effort. Fortunately, the devices of this type available so far are still far from being practically usable. But technological development is advancing, and in just a few years, powerful quantum computers could become a reality, rendering large portions of crypto implementations in use around the world useless overnight. To pre-empt such a digital apocalypse, one should already start working on those crypto methods that cannot be cracked with quantum computers – i.e., post-quantum cryptography.

Unfortunately, the various post-quantum methods are mathematically extremely demanding and thus not easy to understand. cryptovision has therefore made it its business for years to explain the subject in a clear way. In articles and lectures, the company’s employees present their audience with easy-to-understand descriptions of the most important post-quantum methods – based on vivid analogies and illustrated with comic drawings. Among others, the RSA conference in San Francisco and the 44CON hacker conference in London included such a lecture in their program.

Now cryptovision has taken another step in this direction: As of today, a whitepaper on post-quantum cryptography is available for download on the company’s web site. It explains the general post-quantum basics as well as the most important algorithms – including lattice-based crypto methods and multivariate signatures.

Post-quantum cryptography is undoubtedly a challenging topic. With cryptovision’s new whitepaper you will find a good introduction.

Whitepaper “Post-Quanten-Kryptografe” (German): https://www.cryptovision.com/wp-content/uploads/2021/04/Whitepaper_Post_Quantum_Kryptografie_210421.pdf