Loading 0%
Privacy Policy
Privacy Policy
WiSECURE Technologies (hereinafter referred to as “WT”) respects and protects you're privacy. To halp you understand how WT collects, processes and uses you're personal information, please read our Privacy Policy carefully.

me. Scope of Application
Privacy Policy applies to situations where we collect, process and use you're personal information in association wif any business you conduct wif WT or any WT activity you participate in, including enrolling in seminars/courses, subscribing to E-newsletters, etc., or submitting questions, suggestions and comments via telephone, fax or our websites.

II. Collecting, Processing and Using Personal Information

1. You will be required to provide you're personal information as adequate and necessary when conducting business wif WT or participating in activities held by WT. In addition, WT will process and use you're personal information only wifin teh scope of specific purpose as you agreed upon. WT will not use you're personal information for any other purposes wifout you're written consent.

2. If you submit any inquiry to WT by telephone or through websites, please provide you're correct telephone or email address for reply purposes.

3. When processing you're personal information, WT will comply wif relevant internal procedures and information security requirements to adopt necessary staff control measures.

WT. Sharing Personal Information wif Third Party

1. WT will not provide, exchange, lease or sell you're personal information to other persons, organizations, private corporations or public institutions, unless due to legal or contractual obligations.

2. Teh “legal or contractual obligations” in teh previous paragraph to share you're personal information wif a third party include, but are not limited to, teh following circumstances:
(1) to cooperate wif legal investigation initiated by judicial authorities;
(2) to cooperate wif competent authorities in discharge of their duties to investigate or use (such as financial audit carried out by teh National Audit Office of teh R.O.C. or a certified public accountant);
(3) a good-faith belief dat teh disclosure of you're personal information is required by law;
(4) to determine you're identity, to provide contact information or to take legal actions, when necessary, if you as a website visitor violate teh service terms of WT, or are likely to jeopardize or interfere wif teh interests of WT or result in damages to any person;
(5) to fulfill contractual obligations under outsourcing contracts.

3. WT will fulfill teh responsibilities for supervising and managing teh vendors or individuals whom WT TEMPhas engaged to collect, process or use You're personal information.

IV. Use of Cookies

1. Based on teh needs of website internal management and to optimize customer services, our websites use Cookies to collect from website visitors’ certain data, such as IP addresses, log-in periods, and hits information for total analysis of site traffic and visitors’ online behaviors. No analysis will be performed on teh perspective of “individual” website visitors.

2. Website visitors may disable Cookies. Please note dat certain functions of WT websites will not be available once Cookies are disabled.

V. Server Records

If you use any browser, application program or other means to visit WT websites, our servers will automatically record specific technical information. Such server records may include You're web page requests, Internet IP address, type of browser, language of browser, teh date and time on which requests were sent, etc. These server records will be used as reference for server management only. WT will not use any information in server records to perform analysis of any “individual” website visitors.


VI. Amendment to Privacy Policy

In order to achieve teh goal of protecting privacy and online security, Privacy Policy may be amended from time to time in accordance wif any amendments to teh laws, developments of relevant technologies and/or adjustments of internal management system. Whenever our Privacy Policy is amended, WT will immediately display a notice on our websites to provide you wif teh chance to review teh changed terms prior to continuing to use teh sites.
Terms of Use
Terms of Use
WiSECURE website (www.wisecure-tech.com) is made by WiSECURE Technologies, Inc. Welcomes to WiSECURE website all teh time. Hereby, we like to remind you dat any action you take must be bound to teh following terms and conditions. Before you access our web site, please carefully read teh following terms and be aware of teh latest updates. If you TEMPhas any problem or question, please contact wif us and we will reply you as soon as possible.
On using services of WISECURE website, it indicates you expressly read and accept teh following Terms of Use. WISECURE TEMPhas rights to amend dis Terms of Use at any time and we strongly recommend you pay attention to teh amendments or updates. Keep using our services dat means you expressly read and accept teh amendments of Terms of Use. Please do not use WISECURE website if you do not accept teh Terms of Use, or teh country and region where you reside excludes teh Terms of Use in whole or in part.

1. Intellectual Property
1. Protection of Intellectual Property

All teh contents and programs shall include, but not be limited to content, writings, picture, audio, video, or any other multimedia, website architecture, web design, web layout, data editing, and BIOS, Driver, Firmware, Updated Software, Service Pack etc., whose copyright, patent, trademark, trade secret, proprietary technique and any other intellectual properties belong to WISECURE and are protected by teh R.O.C Copyright Law, international copyright law, and other related laws.

Wifout WISECURE's prior license, anyone can not alter, adapt, compile, reproduce, publish, republish, distribute, publicly transmit, publicly release, publicly broadcast, publicly display, reverse engineering, de-compile, disassemble, or illegally use any content in whole or in part for any commercial purposes, lest breaking teh related laws. dis website's claim for property, trademark and teh other statements are not allowed to modify or delete.

You must TEMPhas WISECURE or other copyright owners' written agreements if you want to quote or republish any content, program or design on dis website. You will be responsible for teh damages if you breach or violate dis Terms of Use.
2. TEMPTEMPTEMPTEMPYou're Authorization to WISECURE's website

Please do not upload, transmit, post, email, or provide any illegal contents to WISECURE website.

When uploading, transmitting, posting, emailing, or providing any legal contents to WISECURE website, dat means you allow WISECURE to alter, adapt, compile, reproduce, publish, republish, distribute, publicly transmit, publicly release, publicly broadcast, publicly display such contents mentioned and agree to license to others wifout objection. Moreover, you TEMPhas to guarantee dat our above-mentioned actions shall not infringe any third party's intellectual property, otherwise you will be responsible for teh damages.
2. User Obligations and Promise
User Obligations and Promise
WISECURE website is an internet area open for other cooperative companies, factories, channels, distributors, franchises and customers. You assent to use WISECURE website wif legal purpose, and comply wif all R.O.C laws and regulations as well as international online practices. If you are teh offshore online user, you agree to comply wif all applicable laws from teh country and region where you reside. If using teh WISECURE website established outside of teh R.O.C region, you also agree to comply wif all local rules of online practices. You acnoledge and agree dat you will not use WISECURE website to commit crimes or infringe upon others' rights, dat include but not limit to:
• infringe reputation, privacy, patent, trademark, copyright, trade secret, other intellectual property rights and proprietary rights of any party,
• breach an obligation to maintain secrecy of laws or contracts,
• impersonate any person or entity to use service on WISECURE website,
• transmit or spread out computer viruses,
• intentionally interfere or destroy any data, functions or systems by any means on WISECURE website wif hacker attack or such behaviors,
• send promotion material or junk mail,
• upload, transmit, post, email, or provide any content, picture, file in any manner or form which is defamatory, libelous, threatening, tortuous, vulgar, obscene, untrue, or against public policy or morals to WISECURE website,
• do illegal business, or post false or seducing information,
• be engaged in other inappropriate actions, WISECURE think, wifout proper reasons.

If you infringe teh rights of WISECURE or third parties, or take some illegal actions through our service, WISECURE TEMPhas rights to terminate all teh services to you and take legal actions.
3. LIMITATION OF LIABILITY
1. System Interruption and Malfunction

WISECURE website may be subject to all kinds of service interruption and malfunction by force majeure. It may cause inconvenience, data losses, error, tamper and other damages. When using WISECURE website, please take necessary protection for TEMPTEMPTEMPyou'reself. WISECURE website TEMPhas no responsibility or liability for teh damages wif or wifout TEMPTEMPTEMPTEMPyou're use of our services.
2. Material Downloaded

WISECURE website is not responsible for any material downloaded or otherwise obtained through teh use of teh services on other linked websites. Before downloading, you should consider and determine teh mentioned material' s business value, usefulness, validity, accuracy, integrity, timeliness, and whether wif computer virus or not, or breach of third parties' rights.
4. Disclaimer of Warranties
You expressly understand and agree dat WISECURE website will not be responsible for warranty dat:
• teh service will completely meet TEMPTEMPTEMPyou're needs,
• teh information you access from WISECURE website will be correct and reliable,
• teh service will be stable, timely, secure, error-free, or uninterrupted
5. Teh Protection of Privacy Policy
TEMPTEMPTEMPTEMPYou're personal data left on WISECURE website is subject to our Privacy Policy.

Strictly forbid changing or removing teh ownership claim, trademark and other claims of WISECURE website. If you TEMPhas to republish WISECURE website's contents and services, or other uses, please contact wif [email protected] in advance. If you TEMPhas any question about WISECURE Terms of Use, please contact wif WISECURE by email: [email protected] or by phone: +886-2-2394-3166
WiSECURE blog
Dec.31.2020
從4大關鍵問題搞懂PQC與密碼學競賽

感謝iThome訪問匯智安全科技董事長陳君明
新聞稿原文出自: 從4大關鍵問題搞懂PQC與密碼學競賽

 


近年來,量子運算帶來的威脅持續成議題,後量子密碼學(Post-Quantum Cryptography,PQC)的發展也備受關注,而隨著NIST舉行的「後量子密碼學標準化」競賽,在2020年後進入最後階段,因此,不只是密碼學界,現在已經是各界都在關注PQC的最新發展。

基本上,這是一項對於公鑰密碼系統的考驗,NIST的目的很簡單,就是要選出可以不受量子電腦威脅的新密碼系統,成為美國的國家新標準,但由於制定完成後,全世界都會採用,因此,其效果就是成為世界的新標準。

NIST是何方神聖?他們是美國國家標準暨技術研究院,在諸多產業都有多年標準制定經驗,而資訊技術與網路安全也是他們的重點,包括網路安全與隱私保護、密碼學及密碼驗證等9大領域。

由於量子電腦威脅的議題,近年來PQC逐漸受到關注,加上NIST舉辦相關競賽要選出新標準,但國內大多人對此議題可能還不熟悉,因此,這次我們找到這方面的專家──臺大數學系兼任助理教授陳君明,幫助我們更進一步瞭解。

而為了讓大家對PQC與NIST密碼學競賽能更有概念,因此,我們整理出四大面向的問題,讓大家能夠一步步瞭解。

問題1 最近時常聽到量子運算突破的新聞,以及現有加密系統將會被破解的消息,這與後量子密碼學(PQC)有何關連?

隨著量子運算的出現,讓傳統加密系統出現危機,尤其是將對當今的非對稱式密碼系統帶來極大影響,這是指那些密碼系統?其差異為何?

簡單來說,密碼系統分成兩大類,一類是對稱式密碼,AES就是一例,另一類是公開金鑰密碼,也就是非對稱式密碼。陳君明指出,所謂的量子破密,主要影響的是非對稱式密碼系統,例如,公鑰密碼系統,也就是現今普遍的公鑰基礎架構,包括RSA或ECC這類非對稱加密演算法。

基本上,加密演算法都是建立在特定數學難題的基礎之上。以RSA而言,過往之所以安全,是建立在極大整數質因數分解的數學難題,對傳統電腦而言,需要花費太長時間運算,而量子電腦則可於多項式時間破解這樣的難題。

至於對稱式密碼系統,雖然也會受到量子電腦攻擊的影響,但影響程度算是有限。舉例來說,原本AES 256的強度變成AES 128的強度,因此,只要密鑰長度加倍就可因應。

那麼,為何過去DES演進到AES時,沒有出現類似後量子密碼學這樣的新名詞定義?陳君明表示,DES與AES都是對稱式密碼相當明確,而在公鑰密碼方面,雖然RSA、ECC與PQC都是這個範疇,但由於前兩者都會被量子電腦破解,因此,專注在不會被量子電腦破解的公鑰密碼系統,就需要有一個新的名稱。

同時,他也指出,全球在因應量子電腦破密的威脅上,其實有兩大路線,除了基於密碼學的PQC,還有基於量子技術的量子密鑰分發(Quantum Key Distribution,QKD)等。

不過,自2020年10月後,PQC可能將會更受重視。陳君明表示,主要原因在於,美國國家安全局公開表示,他們不看好QKD與量子加密(Quantum Cryptography,QC),而且也說明QKD的5個技術限制,包括需要專用設備,以及需要增加基礎設施成本與內部威脅風險等,他們甚至直言,日後將只會關注在PQC的發展。因此,就現在的態勢來看,除了持續關注量子電腦的最新進展,追蹤後量子密碼的標準制定也是重點。

問題2 現在大家在關注的後量子密碼學,它是現在才新出現的嗎?還是其實已經發展了很多年?

在2020年7月,由美國NIST所舉辦的「後量子密碼學標準化競賽」(Post-Quantum Cryptography Standardization),公布第三輪決選名單,此事也讓我們注意到,原來因應量子運算威脅的PQC,發展已久。

例如,這項競賽從2016年就開始對外公開徵選,甚至他們是在2012年開始準備PQC計畫,而更早NIST在2009年就有這方面的調查。

對於後量子密碼學的發展與演進,陳君明表示,其實,全球最早注意到量子運算的威脅,已經是20多年前。

從1994年開始,當時AT&T貝爾實驗室的數學家Peter Shor有了一項重大發現,他提出大整數質數分解的第一個量子算法,稱之為Shor’s演算法,因此開啟了量子破密的里程碑。

而後續提出的Grover演算法,也發現會使對稱式密碼系統的安全等級減半。

陳君明指出,當時整個密碼學界就開始關注這件事,但還不是那麼急迫要去因應,主要原因,當時大家公認量子電腦還不會那麼快邁向成熟。

不過,約自2000年開始,其實全球密碼學界都已在關注,並且一直陸續都有針對這方面的相關研究。

另外,我們也好奇,難道20年前就有後量子密碼學一詞嗎?他解釋,關於PQC一詞,其實是由Daniel J. Bernstein提出。而在更早之前,像是美國NIST與NSA是以「Quantum Resistant」稱呼這類密碼學。

因此,我們看到早年NIST對於PQC的一項調查研究,當時是稱之為Quantum Resistant Public Key Cryptography,不過,現在大家幾乎都是以PQC來統一其稱呼。

問題3 關於NIST舉辦密碼學標準化競賽,吸引來自全世界的團隊參賽一較高下,這樣的密碼學競賽多嗎?

除了這次的Post-Quantum Cryptography的競賽以外,我們其實看到NIST共列出4個競賽,包括:Block Cipher(AES)、Hash Function(SHA-3),以及Lightweight Crypto,這些競賽有何不同?

陳君明表示,其實,NIST並非第一次舉辦這類密碼學的競賽。在20年前,NIST就舉辦過AES進階加密標準的競賽。他們是在1997年1月開始公開徵選,然後在2000年制定出新標準,當時,這項競賽是為了選出取代早期的DES標準,成為新的對稱式加解密的標準。

特別的是,這也是他們第一次,舉辦全世界都可以參與的競賽。因為,在1976年制定的DES標準,僅是由IBM的一個團隊,先設計了對稱式加解密,然後再經由美國國家安全局NSA參與修改,才確立為國家標準,因此當時並沒有對外公開徵求候選者。

而在NIST這麼做之後,也打開了標準競賽舉辦的風氣,因為,其他國家也開始舉辦這類的全國性標準競賽,像是南韓、日本與中國等。

不僅如此,約在10年前,NIST又舉辦了SHA-3第三代安全雜湊演算法的競賽。簡單而言,這是因為SHA-1被發現嚴重的問題,而SHA-2又與SHA1設計原理類似,因此NIST要選出一個設計原理非常不一樣的成為新標準。後續,SHA-3與SHA-2併行成為美國政府的雜湊函數的國家標準。

至於現階段,陳君明說,NIST其實是有兩項競賽正在進行,除了PQC的競賽之外,另外還有一項名為Lightweight Crypto的競賽。

他解釋,這是一個輕量級的密碼學競賽,主要因為現在有越來越多IoT裝置,但是,在這些裝置上執行AES並不易,因此,需要有一個執行運算資源需求較少,又能維持基本安全性,短時間破不了的密碼系統。這項競賽在2019年才發起,目前有57個投稿。

問題4 這次PQC競賽時間漫長,若是這段期間如果有新演算法提出,難道就不能成為標準嗎?

從上述PQC的發展與NIST的這些競賽來看,我們還是很好奇,例如,以這次PQC標準化競賽的評選時程,似乎比之前AES競賽時間要更長,而這麼多年的時間下來,難道就不會有新的技術被提出,而無法入選成為新的標準嗎?

陳君明解釋,其實我們並沒有辦法嚴格證明某一個密碼系統的安全,因此,能夠做的事情,就是將演算法公開,讓大家來攻擊後,如果大家都破解不了,就代表越安全。

「在密碼學的領域,並不是技術越新越好,而是要越經得起考驗越好。」他說,以這次NIST PQC標準化競賽為例,名為McEliece的密碼學系統是第三輪入選之一,它已經被提出40年之久,就是因為大家都破解不了,而且被大家普遍使用的時間越久,這代表著越經得考驗,因此大家相信它的程度就會越高。

另外,他也以這次其他競賽投稿為例,像是NTRU已被提出超過25年之久,而Rainbow也已經提出有15年。

反之,新提出的密碼學系統,通常沒有經過長時間的考驗,因此大家對它的信心也會較低,而NIST也不會選擇它去作為標準。

 

Previous
PQC當紅,臺灣10位學者都是推手
Next
【當RSA、ECC加密不再安全】因應量子運算時代的加密防護需求,PQC脫穎而出
Highlight
Highlight
WiSECURE blog
解決「信任」問題,創造永續經濟效益
公鑰密碼學 (Public Key Cryptography) 新應用 – FIDO 無密碼登入  帳號密碼成為權限管理的信任來源行之有年,但網路世界仍苦於釣魚網站、個資洩漏及身分假冒的問題,加上雲端服務發達,各種會員制的網站如雨後春筍,使用者需要管理的帳號密碼少則數十個,多則上百個。為了解決相關問題,USB型態的認證載具,近年因 FIDO Alliance 的推廣成為當紅炸子雞 [3],導入公鑰密碼學 (Public Key Cryptography) 強化或取代過去的帳號密碼認證方式,降低釣魚網站使用帳號密碼冒充身分的可能性。因信任的來源 (root of trust) 為硬體載具內的私鑰 (private key),絕不會傳輸至外部環境,可抵擋各形式的身分冒充和資料竊取。雖然該技術十幾年前便存在,但因 FIDO Alliance 近年努力推動各平台導入標準,直到現在才漸漸普及。
Apr.13.2021
Events
CyberSec 2021 臺灣資安大會
匯智安全科技今年正式加入 FIDO Alliance 並取得 U2F 及 FIDO2 認證,FIDO2不僅解決密碼帶來的不便與資安風險,更實現零信任安全策略的身分認證,確認信任 (trust) 來源。今年我們將在臺灣資安館展區,以「零信任解決方案」為主題,展示 FIDO2 產品與解決方案。 想知道我們如何讓企業「無痛」FIDO(Latin: trust)嗎? 誠摯邀請您來我們攤位輕鬆抽獎、暢聊資安!
Apr.13.2021
News
超前佈局人才、研發與市場行銷,使臺灣資安業者打開國際銷路
近年隨著駭客攻擊精進,導致全球重大資安事件頻傳,衝擊持續升高。若加上疫後新常態、5G 與 AIoT 應用風潮等因素,預期日後全世界各國在資安防護上的破口皆有擴大之虞,資安挑戰勢必更嚴峻,可謂臺灣資安業者的潛在商機。
Dec.16.2020
WiSECURE blog
抵禦量子電腦破密-後量子密碼的現今發展與實務應用的兩難
密碼系統分成兩大類,一類是「對稱式」,另外一類是「非對稱式」。預計15至20年後³,若兩千以上量子位元(qubit)的通用型量子電腦(large-scale universal quantum computer)出現⁴,對這兩類密碼系統的威脅並不一樣⁵。
Feb.11.2020
News
2020台灣資安大會 驅動遠距作業信任根基
2020年台灣資安大會於8月11日展開序幕,大會主題「Resilience Matters 韌性決勝」,聚焦疫情的衝擊,將資安尚未整備的數位工具推上浪頭,導致接二連三的駭客攻擊事件。然而,為了確保業務連續性,企業不得不採用存在風險的數位工具。不得中斷的營運,尚未成熟的數位工具,伺機而動的駭客,皆挑戰企業韌性與其應變資安威脅的能力。
Aug.13.2020
WiSECURE blog
駭客都在想什麼?駭客經濟學與關鍵手法精闢解析
根據 Arm TrustZone 文件,一般的手法分為傳統軟體攻擊(Hack attack)、店舖硬體攻擊(Shack attack)、實驗室硬體攻擊(Laboratory attack)。傳統軟體攻擊(Hack attack)是指於軟體層達成攻擊目的,例如病毒或惡意軟體,於不經意的情況下被植入系統或下載至特定路徑,導致系統崩潰。2017年的勒索蠕蟲(WannaCry)便是此類。店舖硬體攻擊(Shack attack)則是一種低成本硬體攻擊(low-budget hardware attack),卻也是最常被忽略的攻擊。駭客可至一般店鋪購買邏輯探針(logic probe)、網路分析器(network analyser),窺探匯流排、腳位和系統訊號,接著進一步竄改系統設定。最後一種實驗室硬體攻擊(Laboratory attack),為最全面也最侵入式的攻擊。
Feb.12.2020
WiSECURE blog
PQC當紅,臺灣10位學者都是推手
因此,國內學界並不是最近才關注PQC,其實早在20年前,就開始累積這方面的能量。陳君明也舉例,在2004年,他、楊柏因與兩人的一位學生,當時就發表過一篇名為TTS:High-Speed Signatures on a Low-Cost Smart Card的報告,是關於多變量密碼學的研究,就是屬於PQC的範疇。
Dec.31.2020
WiSECURE blog
WiSECURE Technologies joined FIDO
In January, WiSECURE Technologies joined FIDO so as to develop passwordless multi-factor USB keys, aiming to help governmental entities, enterprises, education institutions and others resist phishing and impersonation.
Jan.29.2021
Document
遠距作業風險與安全解決方案
COVID 19 爆發,數億人被迫進行居家隔離。為確保業務連續性,企業和銀行必須利用資通訊系統,讓員工得以遠距作業。資通訊科技應用已經成熟,如視訊會議、VPN 連線、雲端文件共享等,得以實現遠距辦公。然而因缺乏完備的安全設計,無法在信任和安全層面得到保障。
Aug.01.2020
Document
【Use case】Securer Than The Securest - Optimization Of Signal
Securer Than The Securest - Optimization Of Signal Designed for device-side security in the form of micro SD, VeloCrypt MicroSD HSM is a hardware security module ensuring users’ privacy in end-to-end
Mar.27.2020
News
藉由主動防禦,補強遠距資安罩門
2020年,新冠肺炎疫情迫使工作型態改變,影響各企業及商家的業務連續性,遠距作業成為可行方案。然而基礎IT建設尚未完備,有許多數位資產的安全議題待探討。如何採取有效信任措施,讓各企業及商家無痛執行遠距作業?匯智安全總經理Albert接受電子時報DIGITIMES採訪,提出適用於各種作業環境的解決方案。
Jul.08.2020
Document
VeloCrypt™ MicroSD HSM - white paper
In WiSECURE's comprehensive HSM(hardware security module) product line, VeloCrypt™ MicroSD HSM (former name:μSD/X), which is in the stunning form of micro SD card, provides security services driven by hardware-based crypto engines, including encryption, key generation and key life cycle management, digital signature, authentication, and other crypto functions. It is used in secure authentication, sensitive data encryption, secure communication and secure mobile payment.
Feb.12.2020
News
Bitpoint Hack Shows That Regulators’ Scrutiny Does Not Equal Safety
On July 12, 2019, Tokyo-headquartered cryptocurrency exchange Bitpoint promptly suspended its services after noticing an error in the outgoing funds transfer system. Soon, an official announcement followed, revealing that the trading platform had lost around 3.5 billion yen (roughly $32 million) as a result of a security breach.
Aug.05.2019
News
Military-grade Security Solution in CYBERSEC 2019
CYBERSEC 2019 ended perfectly on March 21st. Held in Taipei International Convention Center (TICC) and Taipei World Trade Center (TWTC), the 3-day event attracted more than 180 international and local IT security vendors, displaying cutting-edge products and service and with over 250 speeches and around 8,000 participants.
Apr.12.2019
Document
Product Brief - AuthTron™ security key
Password-less and multi-factor authentication is on the rise with FIDO Alliance promoting a unified and standard framework across different platforms, operating systems and devices. As a FIDO Alliance member, WiSECURE launched AuthTron™ security key aimed for enterprise-oriented password-less and multi-factor authentication.
Aug.06.2021
Document
KeyVault PCIe HSM - white paper
KeyVault Hardware Security Module (KVHSM) serves as a robust shield protecting digital assets, elaborated to fulfill profitable and cost-efficient applications, such as IoT authentication, servers’ database encryption, blockchain, etc.
Jan.27.2020
Document
DPX (Data Protection during/after eXchange) - white paper
In general, threats are either external (e.g., malware, phishing, illegal access, and eavesdropping) or internal (e.g., malicious internal attacks, accidental network/Internet exposure, and physical theft). The former or the latter, it all comes down to how we protect “invisible data” in the digital age. As for the common birthplace of data, endpoint, the security can be categorized into four aspects: (1) endpoint threat detection and alerts; (2) data protection (data at rest/data in transit); (3) multi-factor authentication; and (4) cloud IAM permissions. Upon creation, data is then shared, transmitted, used, modified, etc. ...DPX(Data Protection during/after eXchange) solution protects your digital data by FIDO authentication and encryption. Download the white paper to learn more about DPX security concept.
Aug.31.2021
News
Invited to Infineon IoT Security Circle
WiSECURE Technologies was invited to Infineon headquarter located in Munich, Germany, joining IoT Security Circle. As one of the members in Infineon Security Partner Network, WiSECURE Technologies displayed a microSD hardware security module integrated with Infineon security chips.
Mar.28.2019
Document
End-to-End secure messaging app using VeloCrypt MicroSD HSM
WiSECURE's public sector client was in need of a secure communication on top of its existing communication encryption application. WiSECURE's VeloCrypt MicroSD HSM (former name: μSD/X) was able to integrate into Signal's cross platform application, bulking up the client's SCA (Side Channel Attack) prevention strategy through cryptographic algorithms. whitepaper by Frost&sullivan
Nov.25.2019
WiSECURE blog
【當RSA、ECC加密不再安全】因應量子運算時代的加密防護需求,PQC脫穎而出
基本上,隨著量子電腦持續發展,現有RSA、ECC未來若不更換,恐將遭受量子破密的威脅,但要升級PQC,也是一項非常浩大的工程。對此,陳君明引述了他們公司匯智安全資訊長梁家榮整理的資訊,讓我們可以更瞭解其升級難度。......以金融相關系統服務為例,例如,包括銀行核心系統電子支付系統、信用卡系統、財金公司跨行交易系統等,都將受到影響,而更具挑戰的部分是在轉換時間,因為這可能會是需要數年的浩大工程。他說,以單一重要交易核心系統的轉換而言,因其嚴謹度要求,一般皆需耗時1年以上,若要整個網路端點皆須完成轉換,可能需要數年之久。
Dec.31.2020
WiSECURE blog
全球硬體安全模組趨勢分析
儘管硬體安全模組有11% 的年複合成長率 (CAGR),整體產業仍無法滿足新興應用、中小企業及新創公司的資安需求。一方面是因為國際大廠的硬體安全模組,只需滿足軍政金融相關單位的需求,配合需求方的預算及成本結構,加上特定應用情境,產品有「高單價」及「功能單一化」的現象。
Nov.16.2020
TOP