Safeguard
Tag

cryptography

Safeguard articles tagged "cryptography" — guides, analysis, and best practices for software supply chain and application security.

57 articles

Threat Intelligence

What Is Post-Quantum Cryptography (for software supply ch...

Quantum computers will eventually break RSA and ECDSA. Here's what NIST's 2024 PQC standards, CNSA 2.0 deadlines, and "harvest now, decrypt later" mean for signed software supply chains.

Jun 2, 20267 min read
Application Security

Symmetric vs asymmetric encryption: practical Python examples

Symmetric vs asymmetric encryption explained with working Python code: AES-256-GCM, RSA-OAEP, hybrid encryption, and the mistakes that cause real breaches.

May 21, 20267 min read
AI Security

Cryptography Misuse Detection: Griffin AI vs Mythos

Crypto misuse is not about broken algorithms. It is about misused parameters, missing checks, and the gap between "it compiles" and "it is secure."

Mar 14, 20265 min read
Cryptography

Merkle tree in transparency logs

A Merkle tree is a hash-based data structure that lets transparency logs prove data integrity efficiently, using Merkle proofs and certificate transparency.

Mar 4, 20267 min read
Cryptography

Certificate transparency log

A concrete guide to certificate transparency logs: how SCTs verify issuance, how CT monitoring works, and how rogue certificates get detected fast.

Mar 4, 20267 min read
Identity Security

PASETO tokens

PASETO tokens explained: what is PASETO, how PASETO vs JWT differs, and why platform-agnostic security tokens with versioned crypto are safer by design.

Mar 1, 20267 min read
Software Supply Chain Security

Post-Quantum Cryptography Migration for Software Supply Chains

NIST finalized ML-KEM, ML-DSA, and SLH-DSA in 2024. Here's what it means for Sigstore, package registry signing, TLS, and the harvest-now-decrypt-later problem.

Feb 28, 20267 min read
Cryptography

Hash collision attack

What is a hash collision, and why does it break integrity checks and signatures? A precise definition, the SHA-1 collision attack, and how Safeguard closes the gap.

Feb 28, 20266 min read
Cryptography

HMAC

HMAC is a cryptographic construct that combines a hash function with a secret key to verify both the integrity and authenticity of a message.

Feb 28, 20267 min read
Cryptography

Elliptic curve cryptography (ECC)

A precise, technical answer to what is elliptic curve cryptography — plus how ECC vs RSA, ECDSA signatures, and ECDH key exchange secure modern systems.

Feb 27, 20267 min read
Cryptography

Post-quantum cryptography

Post-quantum cryptography protects data from future quantum attacks. See how NIST-standardized, lattice-based algorithms defend today's software supply chain.

Feb 27, 20268 min read
Cryptography

Hardware Security Module (HSM)

What is an HSM? Learn how hardware security modules store signing keys, how HSM vs KMS differs, and why FIPS 140-2 HSMs protect code-signing keys.

Feb 27, 20267 min read
cryptography (Page 2) — Safeguard Blog