Different tech for different problems

Officials at federal agencies are limited in their use of cryptographic technologies to those that have been validated by the National Institute of Standards and Technology. A listing of validated products is published on NIST's Web site at csrc.nist.gov/cryptval.

Many cryptographic products work at a network's application layer and therefore can be used to encrypt or digitally sign any kind of data format or network service, including Extensible Markup Language formats and Web services.

SSH Communications Security Corp.'s SSH Tectia Client and SSH Tectia Server software, for example, create a secure tunnel between desktop and server computers, said Byron Rashed, senior marketing communications manager at SSH. "Anything that goes though the tunnel will be encrypted," he said.

A cryptographic product such as Entrust Inc.'s Verification Server is used to create secure digital credentials. Entrust Messaging Server makes

e-mail secure.

"We work with application developers so that they understand what interfaces are available within the servers," said Gary Moore, chief architect at Entrust CygnaCom Solutions Inc., Entrust's security consulting and testing group.

The Entrust servers use Triple Data Encryption Standard and Advanced Encryption Standard for encrypting data. For digitally signing data, the servers support Digital Signature Standard and the elliptic curve Digital Signature Algorithm. By both encrypting and digitally signing data, the servers keep data private and guarantee that it has not been altered. Whether agency officials choose the verification or the messaging server, Moore said, "they can secure their information through these servers."

Featured

  • Defense
    Ryan D. McCarthy being sworn in as Army Secretary Oct. 10, 2019. (Photo credit: Sgt. Dana Clarke/U.S. Army)

    Army wants to spend nearly $1B on cloud, data by 2025

    Army Secretary Ryan McCarthy said lack of funding or a potential delay in the JEDI cloud bid "strikes to the heart of our concern."

  • Congress
    Rep. Jim Langevin (D-R.I.) at the Hack the Capitol conference Sept. 20, 2018

    Jim Langevin's view from the Hill

    As chairman of of the Intelligence and Emerging Threats and Capabilities subcommittee of the House Armed Services Committe and a member of the House Homeland Security Committee, Rhode Island Democrat Jim Langevin is one of the most influential voices on cybersecurity in Congress.

Stay Connected

FCW INSIDER

Sign up for our newsletter.

I agree to this site's Privacy Policy.