Home>CEO Blog>Trust because of Encryption

Trust because of Encryption2021.05.28

"Trust because of Encryption" is the theme slogan of this revision of the MeSign official website. This is the crystallization of the author's 17 years of experience in CA industry and certificate application industry. Trust because of Encryption and Security because of Trust, this is also one of the future development directions of network security. It is not difficult for everyone to understand why the concept of Zero Trust security is so hot now.

A buzzword in the cyber security industry is "As virtue rises one foot, vice rises ten. " Cyber security means that both offensive and defensive parties are constantly improving their abilities and developing. This seems to be a never-ending process. But does this process really solve the security problem? The answer is no. Various cyber security incidents are happening all the time.

So, is there a solution to this vicious circle? Yes! John Kindervag, the principal analyst at Forrester Research at the time, proposed the concept of "Zero Trust" in 2010. The core idea is that organizations should not automatically trust any people and things inside or outside its perimeters and instead must verify anything and everything trying to connect to its systems before granting access. The author believes that this is the answer. Zero Trust can solve the current dilemma. There is no need for constant fighting. Only “Zero Trust” can solve the security problem. It is not difficult to understand that IDC recently put forward the view that "Shifting from the security market to the trust market has become a trend".

As for how to solve the trust problem, there are many solutions on the market. The most typical method is the "Holmes" solution, which requires dynamic continuous trust evaluation and dynamic adjustment of access permissions. This is because non-real-name authentication does not know who the bad guy is, and can only rely on Sherlock Holmes's continuous screening, which is too inefficient, and It is easy to make mistakes in judgment. The Zero Trust security solution proposed by MeSign Technology is to use PKI technology to achieve identity authentication and data encryption, and to achieve trust through digital signature, encryption and time stamping technology, because PKI technology is born to solve the trust problem and to solve the data security problems.

In other words, for security, the trust problem must be solved first, and encryption and digital signature can solve the trust problem. The trust problem is solved, then the security problem is solved. This is the connotation of "Trust because of Encryption", and it is not difficult to understand why the theme of the "2021 Cryptography Daxing Summit" held in Beijing on April 20 is "Security because of Cryptography", Trust because of encryption and security because of trust.

Click here to download this blog post (PDF format with digital signature and timestamp)