-
SP 800-56B and RSAES-PKCS1-v1.5 Update
Near the end of 2017, NIAP issued and later retracted Labgram #106. This Labgram warned that RSAES-PKCS1-v1.5 would be disallowed by NIST after 2017 which meant that it would also be disallowed by NIAP after 2017 in CC evaluations. The reason for the retraction was because NIST delayed…
-
As You Like It!
Over the last few years we have seen some maturation in the processes of providing information security assurance. This is good. First let’s roll back into history, to the days in the ‘70’s and ‘80’s, when it could not be safely assumed that the operating systems in use…
-
Collaboration and Openness to the Rescue of Entropy
This past September was my conference month. I first went to the 14th International Common Criteria Conference (ICCC) in Orlando, Florida and then a week later I was at the 1st International Cryptographic Module Conference (ICMC) in Gaithersburg, Maryland. The theme of the ICCC this year was a…
-
atsec AB performing first EAL4 evaluation to Swedish Common Criteria Scheme (CSEC)
Evaluation of Färist VPN and Firewall marks pioneering effort for Tutus AB, atsec AB, and CSEC Stockholm, Danderyd, Sweden – atsec information security AB is performing an EAL4+ evaluation of Tutus Data AB Färist VPN and Firewall for certification by the Swedish Certification Body for IT Security (CSEC).…