Enterprises use encryption—a cryptographic technique—to protect data transmission and storage. While encryption in transit protects data confidentiality and integrity, it also reduces the organization’s visibility into the data flowing through their systems. The NCCoE initiated a project to address enterprise challenges to compliance, operations, and security when deploying modern encrypted protocols, and TLS 1.3 in particular. This effort is an element of the NCCoE’s cryptographic applications program and follows successful completion of an earlier TLS certificate management project. This project description documents the project background, scenarios demonstrating efficacy of solutions, a high-level demonstration platform architecture that includes a list of desired components and security characteristics and properties, standards and guidance to be followed in project development and execution, and mappings to security requirements that the demonstration platform is to satisfy.
Keywords
algorithm; application; compliance; cryptography; encryption; forensics; perfect forward security; protocol; transport layer; troubleshooting; visibility