Blog Support

SSLTrust Cyber Security Blog | Page 3

Back to Blog Homepage
#Articles

How do Cyber Criminals get your account details?

Hackers are smart and lazy. Who would want to sit at a computer all day typing away guessing passwords? Not me. They say that lazy people are often the innovators of our society, thinking of ways to do things that require minimal time and effort. …

#Articles

What is FIPS compliance?

FIPS (Federal Information Processing Standard) is a set of requirements asserted by NIST in order to centralize and make uniform the ways in which the US government manage the risks associated with securing and transporting sensitive information. …

#Articles

Considering Full Disk Encryption (FDE)

Full Disk Encryption (FDE) refers to the practice of encrypting a device (laptop, cell phone, etc) at-rest. Decryption is performed at boot time, relying on user input, a cryptographic key stored in hardware, or a combination both. FDE is an …

#Guides

How to choose the right encryption

It can be very difficult to bridge the gap between the theoretical and the practical. This is a pattern I’ve seen repeat itself again and again throughout my career – someone might be very technical, and very familiar with encryption, but when it …

#Articles

PBKDF2: Password Based Key Derivation

PBKDF2, defined in RFC 2898, is a specific Key Derivation Function (KDF). A KDF is simply any mechanism for taking a password (something a user remembers or stores in a password manager) and turning it into a symmetric key suitable for cryptographic …

#Guides

How Certificate Revocation Works with CRLs and OCSP

Certificate Revocation refers to the act of canceling a signed certificate before its expiration date. This can be done due to private key compromise, retirement of a service, or various administrative reasons. There are many different approaches …

#Articles

Encryption vs Hashing: What’s the difference?

Both Encryption and Hashing are fundamental building blocks of cryptosystems. When it comes to best practices for storing credentials in your application however, best practice is largely driven by what you’re trying to do. There are a lot of …

OpenSSL 1.1.1k Two High Severity Vulnerabilities Explored

A lot can be learned about SSL/TLS by analyzing real-world bugs and the ways in which vendors patch them. This past week OpenSSL 1.1.1k was released, which corrected two high severity bugs in the popular OpenSSL software. Specifically, CVE-2021-3450 …

#Articles

Rehashing Hashing: What is SHA-256?

Next to encryption, hashing is perhaps the most important building block of modern cryptosystems. But what is a hash? Why is it important? How can some ways of computing a hash be better than others, and what makes a particular method suitable for …

You may be also interested in reading our other resources...

Learning Centre

View more resources on cyber security, encryption and the internet.

Helpful Guides

View more Guides, FAQs and information to help with your Certificate purchases.