Welcome to the final installment in our series on quantum-safe cryptography! In this post, we'll explore how to integrate cryptographic discovery methods into your CI/CD pipeline, focusing on repository events like commits and pull requests. The Quantum Threat As quantum computers evolve, they pose a significant threat to many of our current cryptographic algorithms. Notably, RSA and ECDSA, which form the backbone of much of our digital security, are vulnerable to quantum attacks. It's crucial to identify and replace these…
Welcome to the seventh installment of our comprehensive series on cryptographic discovery and quantum readiness. In this article, we'll explore how to create a discovery method for identifying quantum-vulnerable algorithms directly within your Integrated Development Environment (IDE) as part of your CI/CD pipeline. This approach aligns with NIST's recommendations for post-quantum preparedness and brings cryptographic validation right to the developer's fingertips. Introduction As quantum computing looms on the horizon, the need to secure our codebases against quantum threats becomes increasingly…
Welcome to the fifth and sixth installments of our comprehensive 8-part series on discovering cryptographic usage in your organization and cataloging it according to risk. This combined guide focuses on validating the discovery of quantum-vulnerable algorithms in executable files on both Windows 11 clients and Linux systems (specifically Ubuntu 22.04 Server Edition). Introduction As quantum computing technology advances, the threat to traditional cryptographic algorithms like RSA and ECC grows more significant. The National Institute of Standards and Technology (NIST) has…
Welcome to the most recent installment in our comprehensive 8-part series on discovering cryptographic usage in your organization and cataloging it according to risk. In this article, we'll focus on validating the discovery of quantum-vulnerable algorithms in non-executable files on both Windows-based and Linux-based operating systems. Introduction As quantum computing races towards practical reality, the cryptographic foundations of our digital world face an unprecedented threat. Quantum computers have the potential to break widely-used algorithms like RSA, DSA, and elliptic curve…
In today's rapidly evolving digital landscape, staying ahead of cybersecurity threats is crucial. This blog post explores two key topics: the Crypto Agility Risk Assessment Framework (CARAF) and methods to validate quantum-safe algorithms in SSH protocol version 2. Crypto Agility Risk Assessment Framework (CARAF) As organizations face increasing cybersecurity challenges, the need for adaptable and robust cryptographic solutions has never been greater. CARAF offers a structured approach to support rapid adaptations of new cryptography with minimal organizational impact. CARAF…
In the rapidly evolving landscape of cybersecurity, the emergence of quantum computing poses a significant threat to our current cryptographic standards. Recognizing this challenge, the National Institute of Standards and Technology (NIST) has released Special Publication 1800-38B, "Migration to Post-Quantum Cryptography Quantum Readiness: Cryptographic Discovery." This comprehensive guide outlines the critical steps organizations must take to prepare for the post-quantum era, with a particular emphasis on discovering and cataloging current cryptographic usage. Our 8-part series aligns closely with NIST's recommendations,…
In an era where quantum computing looms on the horizon, threatening to unravel the very fabric of our digital security, the need for quantum-safe cryptography has never been more pressing. We're excited to announce a new 8-part blog series that will guide you through the crucial process of cryptographic discovery in your organization, based on the tests suggested by the National Institute of Standards and Technology (NIST). NIST's Collaborative Approach to Standardization NIST has been at the forefront of preparing…
This week marks a pivotal moment in cybersecurity with the release by the National Institute of Standards and Technology (NIST) of three Post-Quantum Cryptography (PQC) encryption algorithms. This announcement underscores the urgent need for enterprises to take stock of their cryptographic assets and prepare for the quantum era. Why This Matters Quantum computers, while not yet fully realized, pose an existential threat to many of our current encryption methods. Once operational, these machines will have the compute power to break…
Cryptographic protocols, the secret behind encrypted communication, keep your online interactions safe. There are numerous types of cryptographic protocols, and enterprises use lots of different types from lots of different devices (routers, printers, IOT devices, etc.). But how do you know which protocols are being used on your network and whether they are secure enough? Here's where TYCHON can help. The TYCHON Cryptographic Network Scanner, a new TYCHON Quantum Readiness feature, serves as your digital detective to track down your…
Apple's recent announcement of a new Post-Quantum cryptographic protocol highlights the urgency for secure communications in the face of emerging quantum computing threats. While the private sector may have the agility to implement these changes quickly, the federal government faces unique challenges. The Cryptographic Discovery Conundrum One of the most significant hurdles in transitioning to quantum-resistant cryptography within federal agencies is the Discovery phase. This involves: Complex Environments: Federal agencies operate vast, interconnected systems with decades of legacy technology. Cryptographic…
Read More
If you have an idea about a blog topic that you would like to read, please contact media@tychon.io!
