Our aim is to extend our PKI Expertise to capture the ever growing list of PKI certificate dependencies. Certificates which are underpinned by PKI now form the security anchors for an increasing array of applications and devices in the business enterprise.
It is no longer possible to confine PKI consultancy to one-off tactical PKI designs. Cryptographic standards, compliance, certificate life-cycles, key management, policies and standards are all of equal importance.
However, the overriding principle that governs the way we offer PKI consultancy is to develop an understanding of the client's business first. We want to understand more than anything else, what it is we are actually trying to protect. That's always been our starting point when we speak to clients about PKI and data encryption.
We are the ideal partners to help you unravel the National Institute of Standards and Technology (NIST) recommendations for the use of stronger cryptographic keys and more robust algorithms as defined in SP 800-131A.
We can offer extensive help transitioning your crypto estate to the stronger NIST recommendations. Specific guidance on the NIST definition of terms: what is acceptable, what is deprecated, what is disallowed and what is legacy–use.
We can help you identify and understand which algorithms are affected and which key size is appropriate during and after the transition phase.
Transitioning keys from 1024 bits to larger key sizes as stipulated by NIST can be a major challenge for many organizations. A great deal of testing may be required within some crypto estates. This is equally important when upgrading SHA-1 for digital signature verification to SHA-224, SHA-256, SHA-384 or SHA-512.
The implications are wide and the potential to impact production systems which depend on non-compliant PKI infrastructures is very real. Rebuilding, transitioning or re-keying existing PKI infrastructures is an area that we are very experienced in and our invaluable experience is available to companies that require it.
Understanding the risks of using deprecated hash functions and inadequate key sizes beyond 2013 is something companies cannot ignore. Your PKI infrastructure can be re-built or transitioned so that it is compliant with the new NIST recommendations by our experienced consultants.