In today’s developed financial environments, it’s important for institutions to utilise advanced encryption methods such as key injection tools to protect data on- and off- premises.

Financial institutions across the globe are dedicated to preserve confidentiality, verify availability of systems and services, and maintain the integrity of the financial data.

CyberTech, a division of Altron, is actively assisting its clients to ensure they conform to current and new global payment industry standards. Recently, CyberTech, together with its partner Thales, hosted a training event for its partners on the Variant to Keyblock LMK migration as a service, to ensure keyblock methods are used when exchanging keys.

South Africa- and African-based cyber security professionals from major banks gathered over a two-day period to attend Keyblock Migration Training at CyberTech’s offices in Johannesburg this month to get a better grasp of how Keyblock Migration works.

This training was presented by Robert Hernandez, Lead Consultant (Encryption) EMEA Professional Services, in collaboration with CyberTech’s encryption team.

As developers, security analysts and engineers are doing a lot to protect applications and data, using Key Blocks has also become a key encryption requirement. The Payment Card Industry (PCI) has mandated this requirement for financial business globally to ensure the key variant provides an association with the key’s intended purpose, which allows the Secure Cryptographic Device (SCD) to enforce a specific use.

However, this does not by itself provide for key-block integrity or authentication. Because of this, there are known attacks that weaken the underlying key’s security, resulting in key recovery and thereby compromising the encrypted data. Since variants are vendor-specific implementations, they also involve a business risk. The proprietary nature of variants — that is, a lack of interoperability — may make future migrations more difficult, especially if migrating from one vendor to another, or to a new product line of the same vendor where variants may not be supported. Key usage must be cryptographically bound to the key using accepted methods, such that it must be unfeasible for the key to be used if the usage attributes have been altered.

For businesses with a high focus in government, telecommunication, IT and banking, this key solution would be available through a phased process from implementing Keyblocks for internal connections (and key storage within service provider environments) to implementing Keyblocks for external connections (to associations and networks). Encrypted symmetric keys must be managed in structures called Keyblocks.

CyberTech is a Johannesburg-based company with strong ties into the financial and general purpose encryption space, specialising in hardware-based encryption techniques, digitisation technologies and data protection.

For more information, visit our Web site: