Document
Mar.27.2020
【Use case】Securer Than The Securest - Optimization Of Signal
Securer Than The Securest - Optimization Of Signal
Designed for device-side security in the form of micro SD, VeloCrypt MicroSD HSM (former name: μSD/X) is a hardware security module ensuring users’ privacy in end-to-end communications.
Download here:
VeloCrypt MicroSD HSM_USECASE_SECURE MESSAGING - English version
VeloCrypt MicroSD HSM_USECASE_SECURE MESSAGING - Chinese version
Reference
[1] Signal
[2] X3DH (Extended Triple Diffie-Hellman)
[3] Double Ratchet Algorithm
[4] Kamil KACZYŃSKI, "Security Analysis of Signal Arduino Database Protection Mechanisms," International Journal on Information Technologies & Security, № 4 (vol. 11), 2019.
[5] Infineon SLE 97
[6] Edwards-curve Digital Signature Algorithm (EdDSA)
Highlight
WiSECURE blog
PQC當紅,臺灣10位學者都是推手
因此,國內學界並不是最近才關注PQC,其實早在20年前,就開始累積這方面的能量。陳君明也舉例,在2004年,他、楊柏因與兩人的一位學生,當時就發表過一篇名為TTS:High-Speed Signatures on a Low-Cost Smart Card的報告,是關於多變量密碼學的研究,就是屬於PQC的範疇。
Dec.31.2020
WiSECURE blog
駭客都在想什麼?駭客經濟學與關鍵手法精闢解析
根據 Arm TrustZone 文件,一般的手法分為傳統軟體攻擊(Hack attack)、店舖硬體攻擊(Shack attack)、實驗室硬體攻擊(Laboratory attack)。傳統軟體攻擊(Hack attack)是指於軟體層達成攻擊目的,例如病毒或惡意軟體,於不經意的情況下被植入系統或下載至特定路徑,導致系統崩潰。2017年的勒索蠕蟲(WannaCry)便是此類。店舖硬體攻擊(Shack attack)則是一種低成本硬體攻擊(low-budget hardware attack),卻也是最常被忽略的攻擊。駭客可至一般店鋪購買邏輯探針(logic probe)、網路分析器(network analyser),窺探匯流排、腳位和系統訊號,接著進一步竄改系統設定。最後一種實驗室硬體攻擊(Laboratory attack),為最全面也最侵入式的攻擊。
Feb.12.2020
WiSECURE blog
從4大關鍵問題搞懂PQC與密碼學競賽
近年來,量子運算帶來的威脅持續成議題,後量子密碼學(Post-Quantum Cryptography,PQC)的發展也備受關注,而隨著NIST舉行的「後量子密碼學標準化」競賽,在2020年後進入最後階段,因此,不只是密碼學界,現在已經是各界都在關注PQC的最新發展。
Dec.31.2020
News
Invited to Infineon IoT Security Circle
WiSECURE Technologies was invited to Infineon headquarter located in Munich, Germany, joining IoT Security Circle. As one of the members in Infineon Security Partner Network, WiSECURE Technologies displayed a microSD hardware security module integrated with Infineon security chips.
Mar.28.2019
Document
遠距作業風險與安全解決方案
COVID 19 爆發,數億人被迫進行居家隔離。為確保業務連續性,企業和銀行必須利用資通訊系統,讓員工得以遠距作業。資通訊科技應用已經成熟,如視訊會議、VPN 連線、雲端文件共享等,得以實現遠距辦公。然而因缺乏完備的安全設計,無法在信任和安全層面得到保障。
Aug.01.2020
Document
KeyVault PCIe HSM - white paper
KeyVault Hardware Security Module (KVHSM) serves as a robust shield protecting digital assets, elaborated to fulfill profitable and cost-efficient applications, such as IoT authentication, servers’ database encryption, blockchain, etc.
Jan.27.2020
Document
End-to-End secure messaging app using VeloCrypt MicroSD HSM
WiSECURE's public sector client was in need of a secure communication on top of its existing communication encryption application. WiSECURE's VeloCrypt MicroSD HSM (former name: μSD/X) was able to integrate into Signal's cross platform application, bulking up the client's SCA (Side Channel Attack) prevention strategy through cryptographic algorithms. whitepaper by Frost&sullivan
Nov.25.2019
WiSECURE blog
全球硬體安全模組趨勢分析
儘管硬體安全模組有11% 的年複合成長率 (CAGR),整體產業仍無法滿足新興應用、中小企業及新創公司的資安需求。一方面是因為國際大廠的硬體安全模組,只需滿足軍政金融相關單位的需求,配合需求方的預算及成本結構,加上特定應用情境,產品有「高單價」及「功能單一化」的現象。
Nov.16.2020
Document
VeloCrypt™ MicroSD HSM - white paper
In WiSECURE's comprehensive HSM(hardware security module) product line, VeloCrypt™ MicroSD HSM (former name:μSD/X), which is in the stunning form of micro SD card, provides security services driven by hardware-based crypto engines, including encryption, key generation and key life cycle management, digital signature, authentication, and other crypto functions. It is used in secure authentication, sensitive data encryption, secure communication and secure mobile payment.
Feb.12.2020
News
超前佈局人才、研發與市場行銷,使臺灣資安業者打開國際銷路
近年隨著駭客攻擊精進,導致全球重大資安事件頻傳,衝擊持續升高。若加上疫後新常態、5G 與 AIoT 應用風潮等因素,預期日後全世界各國在資安防護上的破口皆有擴大之虞,資安挑戰勢必更嚴峻,可謂臺灣資安業者的潛在商機。
Dec.16.2020
News
Military-grade Security Solution in CYBERSEC 2019
WiSECURE Technologies displayed KeyVault PCIe HSM (kvHSM) and VeloCrypt MicroSD HSM (former name: μSD/X). kvHSM is a HSM in PCIe card form factor. It can be applied to service clouds, protecting data and providing cryptographic service. It encrypts data at a speed of 1.6GB/s, and the performance of digital signature reaches 10,000 tps.
Apr.12.2019
WiSECURE blog
抵禦量子電腦破密-後量子密碼的現今發展與實務應用的兩難
密碼系統分成兩大類,一類是「對稱式」,另外一類是「非對稱式」。預計15至20年後³,若兩千以上量子位元(qubit)的通用型量子電腦(large-scale universal quantum computer)出現⁴,對這兩類密碼系統的威脅並不一樣⁵。
Feb.11.2020
WiSECURE blog
【當RSA、ECC加密不再安全】因應量子運算時代的加密防護需求,PQC脫穎而出
基本上,隨著量子電腦持續發展,現有RSA、ECC未來若不更換,恐將遭受量子破密的威脅,但要升級PQC,也是一項非常浩大的工程。對此,陳君明引述了他們公司匯智安全資訊長梁家榮整理的資訊,讓我們可以更瞭解其升級難度。......以金融相關系統服務為例,例如,包括銀行核心系統電子支付系統、信用卡系統、財金公司跨行交易系統等,都將受到影響,而更具挑戰的部分是在轉換時間,因為這可能會是需要數年的浩大工程。他說,以單一重要交易核心系統的轉換而言,因其嚴謹度要求,一般皆需耗時1年以上,若要整個網路端點皆須完成轉換,可能需要數年之久。
Dec.31.2020
WiSECURE blog
WiSECURE Technologies joined FIDO
In January, WiSECURE Technologies joined FIDO so as to develop passwordless multi-factor USB keys, aiming to help governmental entities, enterprises, education institutions and others resist phishing and impersonation.
Jan.29.2021
News
2020台灣資安大會 驅動遠距作業信任根基
2020年台灣資安大會於8月11日展開序幕,大會主題「Resilience Matters 韌性決勝」,聚焦疫情的衝擊,將資安尚未整備的數位工具推上浪頭,導致接二連三的駭客攻擊事件。然而,為了確保業務連續性,企業不得不採用存在風險的數位工具。不得中斷的營運,尚未成熟的數位工具,伺機而動的駭客,皆挑戰企業韌性與其應變資安威脅的能力。
Aug.13.2020
News
藉由主動防禦,補強遠距資安罩門
2020年,新冠肺炎疫情迫使工作型態改變,影響各企業及商家的業務連續性,遠距作業成為可行方案。然而基礎IT建設尚未完備,有許多數位資產的安全議題待探討。如何採取有效信任措施,讓各企業及商家無痛執行遠距作業?匯智安全總經理Albert接受電子時報DIGITIMES採訪,提出適用於各種作業環境的解決方案。
Jul.08.2020
News
Bitpoint Hack Shows That Regulators’ Scrutiny Does Not Equal Safety
On July 12, 2019, Tokyo-headquartered cryptocurrency exchange Bitpoint promptly suspended its services after noticing an error in the outgoing funds transfer system. Soon, an official announcement followed, revealing that the trading platform had lost around 3.5 billion yen (roughly $32 million) as a result of a security breach.
Aug.05.2019
TOP