Skip to content Skip to footer
Home Focus Groups Cryptography

Cryptography

Public key encryption, digital signatures, and key exchange are the core of modern information systems, payment systems, and the global communications infrastructure. However, no single method of encryption is unbreakable. The Crypto Focus Group has originated from the genuine need to exchange implementation practices and user experiences on the available solutions in the market.

The objectives of the Crypto Focus Group are twofold:

  • Information sharing about day-to-day experiences in using cryptography and related security products and systems, with the purpose to create and foster a vibrant community of experts and technology users that benefit from each other’s experience shared in a confidential environment.
  • Innovation exploration: developing interest in new cryptographic threats, new and emerging cryptographic and related technologies, research and innovation.

Considering the limited budgets, practitioners experience difficulties in striking a good balance between the investments to be done and achieving the best possible algorithm protection. The Crypto Focus Group aims at supporting them by leveraging the available knowledge in the member community. There is a growing awareness in organizations that crypto agility is of vital importance for data security. Crypto agility is also key to postquantum security.

The activities of the Crypto Focus Group are structured around four themes: Cryptographic algorithms, PKI, Key & Certificate management and Cryptography training.

Topics covered include a.o. HSM incorporating SMPC, data sovereignty in the cloud, crypto agility, quantum cryptography, whitebox crypto, machine identity management, cryptography challenges in an enterprise; privacy enhancing technologies, the state of quantum hacking, open cloud technologies supporting efficient crypto in the cloud, and data privacy in the public cloud.

Cryptographic algorithms

Follow-up of attacks on algorithms, remediation and considerations for evolutions in algorithms.

PKI (Public Key Infrastructure)

Concepts and choices for the practical implementation in of a PKI organization.

Key & certificate management

Best practices on e.g. key management for cloud solutions such as Bring Your Own Key and Cloud HSMs, HSM management and tools to automate certificate enrolment, provisioning and many more.

Cryptography training

Identification of training materials that each participant could propose to the other members who need to learn about crypto basics or advanced topics.

Cyber security at schools

This sub-group strives for a future in which young people (age 6 to 25) develop a natural reflex for cyber security, are challenged by it, and motivated to integrate their cyber creativity and passion into their (professional) lives. A recent achievement of this sub-group is the development of an EDUbox Cybersecurity in partnership with the VRT and Betternet. The tool was officially launched during the 2023 Safer Internet Day event organized in cooperation with the Federal Public Service Economy, SMEs, Middle Classes and Energy.

Security awareness metrics

Members of this sub-group share experiences on cyber security metrics. This sub-group arose from the need among our members to be able to measure the extent to which sensitization actions within the organization affect employees’ behaviour. This could be a powerful reporting tool to the executive management, which must approve the budget for such actions. The sub-group tries to identify some relevant metrics to measure these behavioural changes within an organization.

Cyber security awareness & culture manager training

This training programme combined members’ best awareness practices in cyber security and tackled the challenges of behavioural and cultural change. Each module consisted of both theoretical and practical exercises leading the participants to create their own cyber security awareness plan by applying the processes created and refined by the expert trainers. Participants who successfully completed the programme received a certification supported by the Cyber Security Coalition and the CCB. During four consecutive years, this sub-group trained over 90 trainees. The training has been suspended for the time being. The ultimate goal is to develop an online version of the training.

Phishing

The sub-group is designing an effective phishing assessment programme to be included as a part of a complete Phishing Deployment Package.

The Focus Group generally convenes in person on a quarterly basis.

Occasionally external experts are invited to present specific topics.

Cryptography

How to join the group

Admission is subject to Coalition membership.The Focus Group appeals to the following profiles:

  • Academic researchers conducting research in cryptography
  • Industry experts having experience in developing and using cryptographic systems
  • Government officials responsible for developing and implementing cryptography policies

Permanent Chair

Bojan Spasic

Bojan Spasic

Security Research and Innovation Lead at Swift
Johan Kestens

Johan Kestens

PKI & Crypto Policies & Governance Consultant at Euroclear
Ulrich Seldeslachts

Ulrich Seldeslachts

Executive Director of LSEC Leaders in Security

Operations Office

Pascal Champagne

Business Development Manager
Join our podcast
Please choose your preferred listening platform and language

Spotify

EN

FR

NL

Apple

EN

FR

NL

Join our newsletter

Cyber Pulse keeps you up-to-date on the latest cybersecurity news, community actions and member stories.