Locks and Security News: your weekly locks and security industry newsletter
16th October 2019 Issue no. 479
Your industry news - first
We strongly recommend viewing Locks and Security News full size in your web browser. Click our masthead above to visit our website version.
Cryptovision starts product offensive against surveillance
Not a day passes without news of international and domestic surveillance activities of the so-called 'Five Eyes states' (the US, UK, New Zealand, Canada and Australia). Due to this threat, the demand for encryption technology has increased tremendously in recent months and German cryptology suppliers are uniquely positioned to profit from this development.
German cryptographic technology has acquired an excellent reputation, in stark contrast to the USA, France, Israel and a few other countries producing crypto solutions as the German state has never interfered with crypto vendors. Therefore German crypto products have never been under suspicion of containing hidden backdoors.
The Gelsenkirchen-based crypto supplier, cryptovision, has dealt with the activities of intelligence agencies for more than ten years. Their e-mail encryption solution cv act s/mail, which is used by the German Armed Forces amongst others, is an S/MIME solution that fully encrypts message data from sender-to-recipient, leaving no part of the message transmission unencrypted at any point in the delivery. This provides protection from prying eyes both inside and outside of the most powerful surveillance operations.
By integrating a separate security module with smartcard support for e-mail programs like Outlook and Notes, it provides two-factor hardware protection which ensures that even if the e-mail program used is manipulated, the security of the cryptographic module is not compromised. Because of its high security standard cv act s/mail is recommended for use by the German Federal Information Security Authority (BSI) and certified by NATO.
To combat the surveillance scandal, cryptovision react with two new product releases. One of the most effective ways of securing communication is to establish a Public Key Infrastructure (PKI) which is necessary for the full scale deployment of encryption technologies in an enterprise. This enables users within the PKI to securely communicate with each other in a very simple fashion. This encrypted communication can be extended to those outside the PKI through the use of digital certificates which may be stored on smart cards. Electronic identity documents also contain digital certificates, but usually with a different purpose of validating the security of the document itself. However, the use of both kinds of these digital certificates can be combined on a single card which allows for X.509 certificates good for authentication and encryption, as well as, card verifiable certificates used to prove the integrity of the document. The need to combine these different types of certificates is creating a high demand for technology that can issue both. cryptovision's, CAmelot, a fully modular certificate authority solution for PKIs, is now available in version 2.0. This new version has been extended and offers more robust support for both X.509 and CV certificate infrastructures. This highly flexible product features a modular architecture which ensures that no matter how varied the certificate demands of a project are they can be met.
The desire for strong encryption solutions is also driving the demand for cryptovision's security token middleware, cv act sc/interface. To provide both data security and ensure privacy, many corporate security officers have realized that encryption is no longer a luxury. But this need for heightened security comes with a tradeoff of reduced convenience. In order to encrypt data, user private key material must be protected and the need for a portable means of storing private keys driving the demand for the use of security tokens. Smart cards in particular are an ideal choice to provide hardware protection of private key material and corresponding certificates. cryptovision offer a highly interoperable smart card middleware that supports not only all major smart card operating systems, but also supports a number of other token form factors like USB tokens, secure micro SD cards and more.
With the new release, version 6.0 of cv act sc/interface adds additional support for new card operating systems and tokens, which ensures that customers have flexibility in selecting the token that best suits their needs. Further, cv act sc/interface now offers support for new eID card profiles that enable the use of Password Authenticated Connection Establishment protocol which provides chip and terminal authentication and prevents PIN sniffing of contactless cards. These middleware innovations enable smart card usage which deliver strong security in nearly any environment.
"cryptovision's goal is to keep state organizations from surveilling corporations and private persons", says cryptovision's CEO Markus Hoffmeister. "With our portfolio including the new product releases we will keep on being successful in this struggle."
cryptovision is a leading supplier of innovative cryptographic IT security solutions. From small devices like citizen e-ID cards, all the way to large scale IT infrastructures, more than 100 million people worldwide make use of cryptovision products every day in such diverse sectors as defense, automotive, financial, government, retails and industry. Based on its 13 year market experience and broad background in modern cryptographic techniques, such as Elliptic Curve Cryptography, all cryptovision products provide the most state-of-the-art and future-proof technologies. The company specializes in lean add-on components which can be integrated into nearly any IT system to gain more security in a both convenient and cost-effective way.
Tel.: +49 (209) 167 2479
Fax: +49 (209) 167 2461
22nd January 2014