Computer Security – Cryptography

There is a symbiotic relationship between cryptography and the development of high-performance computing systems. Modern-day computers were created at the behest of twentieth-century cryptanalysts. As the complexity of cryptographic systems progressed from mechanical to electronic systems, so did the need to develop more efficient methods to cryptanalyze them.

Cryptographic Module – Operator Authentication & Logical Interfaces

This post is part of the Computer Security – Cryptography posts series.
Operator Authentication
Authentication mechanisms could be demanded within a cryptographic module to authenticate an operator accessing the module and to verify that the operator is authorized to assume the requested role and execute services within that role. For Security Levels 2-5, a cryptographic module shall [...]

Operational Environments and OS Requirements for Modificable Operational Enviroments

This post is part of the Computer Security – Cryptography posts series.
Operational Environment
The requirements of this section apply only to modules containing software that run in a modifiable operational environment. The requirements do not apply to hardware only modules or anymodules with a non-modifiable operational environment.
The operational environment of a cryptographic module is the set [...]

Cryptographic Module – Software and Services

This post is part of the Computer Security – Cryptography posts series.
Software
SECURITY LEVEL 1
The succeeding necessities shall implement to software contained within a cryptographic module for this level of security.

All cryptographic code within the module shall be in executable form.
A cryptographic mechanism utilizing an authorized integrity technique (for instance, an aapproved message authentication code [...]

Multiple-Chip Standalone and Embeded Cryptographic Modules

This post is part of the Computer Security – Cryptography posts series.
Standalone
SECURITY LEVEL 1
In plus to the necessities for Security Levels 1 and 2, the succeeding necessities shall implement to multiple-chip standalone cryptographic modules for this level of security.

The multiple-chip embodiment of the circuitry within the cryptographic module shall be covered with a hard potting [...]

Free antivirus from Microsoft

Microsoft will launch a free antivirus for PCs – code named Morro – which will be available on the company website. The product, which is found in beta and will compete with products
sold by Symantec and McAfee.

A Microsoft representative announced Wednesday that the software manufacturer is preparing to launch a antivirus, in beta, which can be downloaded free from the company website. Microsoft has stated that the product is still in testing stage and refused to give an exact date for release, stating only that it will take place “soon”.

The danger awaiting behind a screensaver

When we’re talking about your computer security, the most dangerous online activities are searching for screensavers, the lyrics of songs and different stuff for free.
The report prepared by McAfee Inc., a firm specialize in Internet security, looks like hackers know what users search most and using sophisticated search programs , they can [...]

Development of a Cryptographic Module

A proper development process provides assurance that the implementation of a cryptographic module corresponds to the module functional specification and Security Policy, that the cryptographic module is maintainable, and that the validated cryptographic module is reproducible.

We specifies the security requirements for the representation of a cryptographic module’s security functionality at various levels of abstraction from the functional specification to the implementation [..]

The following requirements shall apply to cryptographic

The Elliptic Curve Digital Signature Algorithm (ECDSA)

Public-Key Cryptography Standard (PKCS)
Public-Key Cryptography Standard (PKCS) #1, RSA Cryptography Standard, defines mechanisms for encrypting and signing data using the RSA algorithm. PKCS #1 v2.1 specifies
two digital signature processes and corresponding formats:

1. RSASSA-PKCS1-v1.5 and
2. RSASSA-PSS.

Both signature schemes are Approved for use, but additional constraints are imposed beyond those specified in PKCS #1 v2.1.

1. Implementations that generate RSA key pairs shall use the RSA criteria and the method in B.3.2 to generate those key [..]

RSA Key Pair Generation

An RSA key pair consists of an RSA private key, which is used to compute a digital signature, and an RSA public key, which is used to verify a digital signature. An RSA key pair used for
digital signatures shall only be used for digital signatures, not for other purposes (e.g., key establishment).

An RSA public key consists of a modulus n, which is the product of two positive prime integers [..]