ISO 27001 and Common Criteria

How does Common Criteria relate to ISO 27001?  ISO 27001:2013 is a standard that covers a company’s Information Security Management […]

SSH Algorithms to Use

For SSHv2 key exchange: Recommended: diffie-hellmann-group14-sha1 (2048 bit) for SSH key exchange Allowed:  ecdh-sha2-nistp256, ecdh-sha2-nistp384, and ecdh-sha2-nistp521 Avoid: diffie-hellman-group1-sha1 (768 bit),diffie-hellman-group2-sha1 […]

NIST New Password Controls

NIST is currently reinventing its recommended password quality parameters.  In light of the many recent hacks that have been attributed […]

DRBG and RNG

No matter how good your algorithm and key sizes are, a bad random number generator means your cryptography will fail.  […]

IPsec Algorithms

Use: AES-CTR-128, AES-CTR-256, AES-GCM-128, AES-GCM-256 Avoid: AES-CBC-128, AES-CBC-256 IKEv1 Phase 1 exchanges use only main mode IKEv1 and IKEv2 SA […]