I was informally chatting with the security architect for a major financial services company earlier this week and he candidly asked “are threshold signatures really more secure than MultiSig or is it just a more effective way of achieving the same level of security?” As we continued the discussion I realized it was a really important question that I hadn’t addressed directly enough in our discussion about cryptocurrency wallet security.Read More
Cryptocurrencies are shifting from the obscure dark corners of the web to mainstream press, and soon mainstream institutional investors. Over recent months we’ve seen formal announcements of bank-backed cryptocurrency exchanges from SBI Holdings and Fidelity Investments. We’ve also seen clear signals of intent to offer institutional trading of cryptocurrencies from Goldman Sachs, Morgan Stanley, and JP Morgan. As cryptocurrencies become traded by institutional investors the stakes will increase and the security requirements for institutional-grade wallet security will rise. Is your exchange or hot wallet service ready to compete in this environment?Read More
As the popularity of cryptocurrency trading explodes, one of the biggest risk factors for existing and potential investors continues to be the large scale hacks of exchanges and digital wallets. Digital wallets are well-known across legacy applications such as e-payment and PKI, with cryptocurrencies now added to the list. Security is very important for all of these applications, but perhaps most for cryptocurrencies, because transactions are irrevocable when they’re used in conjunction with blockchain schemes.Read More
Security experts recently revealed two computer flaws called Meltdown and Spectre, serious vulnerabilities that threaten data by targeting modern microprocessors. This blog post discusses cryptographic protection called Multi-Party Computation (MPC), a way of mitigating the attack vectors by distributing vulnerable data onto different servers, a so-called "divide and conquer" strategy.Read More
Multiparty Computation (MPC) is a technology that allows you to compute on encrypted values. This might sound impossible at first – but in fact, using the right kind of cryptography, it is indeed possible. Using MPC a number of servers can jointly compute any function without learning the inputs to the function.
In this blog post, we give a brief introduction to MPC: how it works and what it is good for.Read More
In early March, Penneo – the digital signature platform used by Scandinavian businesses – rolled out a new feature for selected customers. The new feature allows customers to protect access to their documents stored in the Penneo managed archive using encryption keys, not controlled by Penneo, effectively separating the lock from the key.
Penneo customers who take advantage of this service will have 100% control over who has access to their documents.Read More
For cloud storage services the need for encryption is clear. Using Amazon S3 as the use case, this blog post considers the different choices available for your application when encrypting data stored at cloud storage providers.Read More
A recent survey of the nearly 300,000 professionals who are members of Linkedin’s Information Security Group showed that more than 90% of them have moderate or high levels of anxiety over the security of their data resident in public cloud services.Read More
Try our Java S3 Demo and start encryption data on Amazon S3 in just a few minutes.Read More
Everywhere I turn these days, I find plenty of bewildering bills and proposals related to privacy, security, and encryption from congressmen, senators, assemblymen and politicians of various colors who are in the business of introducing legislation in the U.S., EU, and other countries.Read More
This is a story about how I came to wish for a pure-cloud Key Management System (KMS), delivered in the form of a SaaS offering, for the strong encryption of unstructured data. In other words, a true Key Management as a Service (KMaaS) that could be decoupled entirely from expensive conventional Hardware Security Module (HSM) appliances, deliver cryptographic security (rather than password or trust based), and yet, scale at cloud economics.Read More