Cryptsoft, a leading provider of key management technology for global enterprise and brand-leading security equipment providers, integrates Whitewood’s quantum-powered true random number generator, the Entropy Engine.
Customers can now enhance their standards-based key management tools to address the increased scrutiny placed on random number generation – the essential foundation of all crypto-based operations.
Boston, USA and Brisbane, Australia (March 2, 2016) – Whitewood, which develops crypto-security solutions, and Cryptsoft, the major OEM provider of Key Management Interoperability Protocol (KMIP) technology to the enterprise key management security market, today announced completion of a technology integration between the Cryptsoft KMIP C Server SDK and the Whitewood Entropy EngineTM. With this integration, customers are able to bring the power of quantum-based true random number generation to a wide variety of key management deployments with a level of performance and surety that can satisfy the needs of the entire enterprise.
With rapidly accelerating adoption of all forms of cryptography, ranging from encryption of data at rest, to Internet and network-based encryption, digital signing, and strong authentication, almost every enterprise is faced with the challenge of managing keys securely and at scale. There are fundamental conflicts to address; keys must remain secret and yet need to be available to applications where any failure could bring business systems to a halt. If keys are lost, enormous volumes of valuable data may stay scrambled forever, and if keys can be cracked or guessed then data can be exposed with devastating impact.
To address these widespread issues requires the use of key management systems that are standards-based, built on a trusted foundation, and that support the entire key management lifecycle from the creation of keys, to their use by applications, archival and eventual secure destruction. The mission-critical nature of key management systems increasingly brings them into the spotlight of security audits and compliance activities and forces vendors and customers alike to constantly evolve the security capabilities of this vital component of any IT security infrastructure.
“The security of any key begins with the methods used to generate it. Any key that is not truly random and unpredictable weakens the overall crypto system and puts data at risk. Generating true random numbers that are used to create keys is surprisingly difficult and our customers are constantly looking for new and improved ways to increase their level of assurance,” said Tony Cox, Director, Strategy & Alliances, at Cryptsoft. “We can now offer more choice to our KMIP Server SDK customers through the integration of the Whitewood Encryption Systems’ Entropy Engine random number generator. This integration option has three important advantages – it employs quantum mechanics, a fundamentally random source of entropy, it provides extremely high performance, and it is proven technology that originates from the world-renowned Los Alamos National Laboratory. We are excited to work with Whitewood to bring this innovative technology to a mainstream market.”
“Key management technology is difficult to get right and organizations and vendors around the world have turned to Cryptsoft for their proven implementations. They have led the industry by championing standards such as the Key Management Interoperability Protocol,” said Richard Moulds, General Manager for Whitewood. “Cryptsoft has a clear understanding of emerging market requirements and working with them, together we can further address one of the fundamental crypto challenges. Random number generation is no longer an issue that can be taken for granted and establishing a high level of assurance is now a standard of due care for anyone deploying a key management system.”
When applications need random numbers today they typically rely on deterministic software processes within the operating system of the device or server on which they execute. These otherwise predictable outputs are randomized by capturing apparently random signals or data from the local hardware platform or environment. However, the degree to which these sources of randomness are truly unpredictable and random varies enormously and is notoriously unreliable to measure. This inevitably results in the quality of randomness varying from device to device, leading to inconsistency and doubt. The combined solution from Cryptsoft and Whitewood enables high-quality true random numbers to be created centrally and delivered using standards-based protocols as part of a broader key management solution.
Whitewood’s Entropy Engine and netRandomTM system will be on display at booth 4915 at the RSA Security Conference in San Francisco (February 29 – March 4).
Cryptsoft is a privately held Australian company with 20 years’ experience in the cryptographic and security markets. Cryptsoft’s Key Management Interoperability Protocol (KMIP) and PKCS#11 software development kits (SDKs) for Server and Client empowers vendors to provide the secure, simplified, and vendor-agnostic interoperable enterprise key management solutions the global market is demanding. Cryptsoft is an OASIS Foundational Sponsor, SNIA and SSIF Voting Member. www.cryptsoft.com