SecureBlackbox Knowledge Base

Recent General Articles

Securing PDF documents

A review of encryption and signing schemes offered by the PDF specification and supported by PDF management tools and components.

Basics of PAdES (PDF Advanced Electronic Signatures)

Few can deny the importance of electronic signatures in modern business. Companies that use electronic documents rely on electronic signatures to protect their d…

Timestamping of digital signatures (mini-FAQ)

This article answers some of the basic questions related to the timestamping of digital signatures, made over data using X.509 certificates.

7 Business Advantages Of Offering Data Security

Learn why you must add security and encryption functions to your software and your IT infrastructure.

Ensuring Correct Data Exchange in FTP

When working with FTP/FTPS and SFTP, you can follow the steps below to handle simultaneous uploads and downloads.

Share with the World: who reads my data in the cloud?

The article discusses the risks arising from storing the data in the clouds and the ways to prevent these risks using client-side encryption.

HTTP and HTTPS proxies

The article describes the differences between HTTP proxies and HTTPS proxies.

Encryption Schemes and Mechanisms in SecureBlackbox

The article describes different encryption schemes used in the IT industry and implemented in the SecureBlackbox products.

Kerberos vs. SSL/TLS

Introduces Kerberos and SSL/TLS.

Accessing system certificates under restricted user accounts

The article describes what steps must be taken to make system certificates accessible from applications and services running under limited system accounts.

CAdES and Digital Signatures

CAdES is a new standard for advanced digital signature. It was introduced by the European Directive on a community framework for Electronic Signatures, which extends the previous standard, CMS, specifying several additional profiles.

Introduction to XAdES (XML Advanced Electronic Signatures)

In this article we are talking about signing XML documents, though the same mechanism of XML signature can be used to sign any type of data. XML signature may be detached from or attached to signed data. In the latter case, the signature is said to be enveloping when it contains the signed data within itself, or may be enveloped when it comprises a part of the document containing the signed data.

Benchmarking your SSL- or SSH-enabled communications

The article reviews several of the methods of properly benchmarking SSL- or SSH-enabled communications.

Building user authentication systems for client-server environments

This article reviews using X.509 certificates for user authentication.

Certificate Basics

Technical description of X.509 certificates.

Certificate Pinning and SecureBlackbox

The article discusses how technically valid certificates can be fake, what certificate pinning is, and how it helps ensure authenticity of web sites and other servers. Also the article describes how you can implement Certificate Pinning in SecureBlackbox.

Counteracting Denial-of-Service (DoS) attacks in SSH and SFTP servers

This how-to describes the ways to counteract DoS and DDoS attacks on your SSH or SFTP server

FTPS (FTP over SSL) vs. SFTP (SSH File Transfer Protocol)

Comprehensive comparison of FTPS and SFTP

Getting Started with SecureBlackbox

How to get started with a trial of SecureBlackbox

Implementing XAdES Signing of Data Using SecureBlackbox

The article describes how to perform advanced signing of XML documents and custom data according to the XAdES specification using SecureBlackbox.

Introduction to Certificates

General introduction to X.509 certificates

Introduction to SSH

General information about the SSH protocol

Introduction to SSL

An introduction to the SSL/TLS protocol.

Plugging SecureBlackbox Java Cryptography Extensions into Your Java Project

Plugging SecureBlackbox Java Cryptography Extensions into your Java project

Post-POODLE Adjustments in the TLS Components of SecureBlackbox

The article discusses changes in SecureBlackbox in regards to the recent POODLE attack and the measures you should take in your code.

Preventing TLS Renegotiation Attacks with SecureBlackbox 7.2 and Later

This article discusses TLS renegotiation attacks and the ways to prevent them when using SecureBlackbox 7.2 or later.

Securing RemObjects

This how-to describes how to add SSL security to RemObjects

Why SecureBlackbox is a Superior Alternative to BouncyCastle

Why you should choose SecureBlackbox's professionally developed security components over BouncyCastle

Securing Your Client-Server or Multi-Tier Application

Introductory article about security and encryption in distributed applications.

Security Advisory: On the information disclosure vulnerability in the SSL 3.0 and TLS 1.0 protocols (Rizzo/Duong "BEAST" attack)

This security advisory describes the details of the so-called BEAST attack on SSL/TLS.

Security Advisory: On the version fallback vulnerability in SSL/TLS implementations (Moeller/Duong/Kotowicz POODLE attack)

In late September 2014 a new attack on the SSL/TLS protocol was recognized and described by security researchers Bodo Moeller, Thai Duong, and Krzysztof Kotowicz. The report of the attack gained high popularity in the news and raised concerns about its applicability to various network environments.

The signature made with SecureBlackbox can't be verified

Your first check when the signature cannot be verified.

Silverlight Environments: Security and Permissions

The article discusses how to fine-tune Silverlight applications to features of SecureBlackbox that require elevated permissions.

SSH Authentication Methods

An overview of the methods of server and client authentication used in the SSH protocol.

Adding Support for TLS 1.2 to Your Windows XP/Vista Application

Following a number of severe attacks against the SSL/TLS protocol discovered in recent years, fresher and safer versions of the protocol, such as TLS 1.1 and TLS 1.2 are quickly gaining popularity and becoming a new de facto standard across the internet.

Fine-Tuning the SSL Components

How to configure your client-side and server-side SSL implementations.

Using SecureBlackbox with kbmMW

Step-by-step explanation of how to add SSL security to kbmMW

Validation of Certificates in SecureBlackbox (Mini-FAQ)

The article describes how certificate validation in SecureBlackbox is done with the help of the TElX509CertificateValidator class.

Virtualized File Access in SecureBlackbox

The article describes how SecureBlackbox works with files and how to avoid storing the files on disk.