Asim Mehmood

Asim Mehmood is a security research engineer, holding a Master and a Bachelor of Science in Information Security.
Asim's core professional experience and competence is centered around
- Applied Classical & Modern Cryptography & Information
- Key Management
- HSMs
- Development of Public Key Infrastructure (PKI).
- Smart card enabled Key Management System in C#.
- Vulnerability assessment and Penetration Testing.
- Smart Card Applications development on Windows and Linux.
- LDAP and Secure LDAP Integration in Web Applications.
Asim loves music and reading.

The PCI PTS HSM v1 expires - Guidelines for the Transition Towards v3

Corporate organizations and banks have expanded their businesses around the world by using e-commerce which is secured by various security services such as encryption, decryption and strong authentication between identities and applications. Main cryptographic security control for the protection of business transactions is the Hardware Security Module (HSM).

Read more

PCI DSS - Physical Security Requirements for HSMs

Organizations have been crucially reliant on the internet for their business workflows. Due to this enhanced exposure, organizations are facing new threats on a daily basis that dictates the incorporation of cryptographic services.

Read more

State of Symmetric & Hash Algorithms after Quantum Computing

The recent trends in information technology and communications have emerged as one of the main technological pillars of the modern age. The importance of cryptography has gained importance due to the requirement of security services (confidentiality, integrity, authenticity, and non-repudiation) in data storage/transmission.

Read more

How HSMs support secure multi-tenancy?

 As business grew, so did the threat of compromise or theft of data.  To address these risks, both software methods and hardware devices were produced to secure networks, systems and data.  HSMs are dedicated devices, incorporated with both logical and physical protection mechanisms, designed to provide separate, secure operating environments where confidential or sensitive information could be treated without risk of exposure.   

Read more

NIST shortlisted 26 algorithms for focal post-quantum research - get all the details here

It has taken over two decades to establish and secure the current e-commerce applications. The security of most of these systems principally relies on cryptographic algorithms which have served the purpose till now. Since the initiation and evolution of quantum computing, some cryptographic algorithms have threats. To mitigate the security gap, numerous post-quantum algorithms have been proposed. This article enlightens the journey towards post-quantum algorithms and security parameters of the newly proposed post-quantum algorithms.

Read more

What is crypto-agility and how to achieve it?

Crypto-agility can be elaborated as the ability and aptitude of a system to promptly shift from the existing cryptographic algorithms and primitives to the newer and updated ones. With the advent of quantum computing, it has been obvious that the RSA based public-key systems which stand on large integer factorization and discrete logarithm problems would be breakable.

Read more

What are the common criteria for hardware security modules (HSMs)?

All the critical banking and payment systems incorporate Hardware Security Modules (HSMs) for the protection of user information and business transactions. HSMs deliver secure management of crypto keys along with encryption/decryption, digital signatures and authentication mechanisms which are frequently used for the security of corporate business applications.

Read more

Ready to take off?

Download our HSM simulator!

Register for free