The World of Cybersecurity at
Your Fingertips

Practical and valuable guides and eBooks - free for download - by the AEGISOLVE Team.

New eBook Alert!

Software Development Lifecycle Excellence

This eBook outlines terms, information, and best practices related to the construction and verification phases of software development.

Get the Book

Crypto-Module Software lifecycle Development

This eBook outlines terms, information, and best practices related to software lifecycle development for cryptographic modules in a clear straightforward manner.

Get the Book

Secure Silicon FOR
Digital Cinema
AND BEYOND

This eBook explores the critical role of Secure Silicon in achieving compliance with DCI CTP (Digital Cinema Initiatives Compliance Test Plan).

Get the Book

Secure Silicon in
Digital Cinema
through the Lens of AI

The importance of secure silicon for ensuring the confidentiality, integrity, and availability of sensitive data and the proper functioning of digital cinema.

Get the Book
Zeroization

FIPS/ISO Algorithm 
Transitions

UPDATES ON NEW REQUIREMENTS

This eBook will help you understand the dynamic world of cryptographic algorithms and how they are evolving today and into the future.

Get the Book
Zeroization

FIPS 140-Series Best Practices for Software Development

Cut through complex language in FIPS 140-2 Appendix B with breakdowns and commentary at every critical junction for software development.

Get the Book
Zeroization

Configuration
Management

Understand the basic concepts of Configuration Management and the implications for FIPS 140.

Get the Book
Zeroization

Approved Security Functions
FIPS 140-2 vs FIPS 140-3

Side-by-side comparisons of FIPS 140-2 vs. FIPS 140-3 Approved security functions.

Get the Book
Zeroization

Zeroization:
What? Why? When?

Zeroization - why it is necessary, and when to use it for improved cybersecurity.

Get the Book
ACVTS cryptographic algorithm validation guide

10 Easy Steps to Cryptographic Algorithm Validation

Industry leader in providing Federal Information Processing Standards (FIPS) validations.

Get the Book
Ruggedization Guide

Entropy:
A Primer on
Conditioning Functions

Definitions, anecdotes, and parallel visualizations to explain entropy and how it can be used in cryptography.

Get the Book
Ruggedization Guide

5 Expert Tips for Multi-Chip Module Ruggedization

This guide will walk you through five expert tips for ruggedization of multi-chip cryptographic modules.

Get the Book
FIPS 140-2 validation guide

FIPS 140-2 Single-Chip Level 3 Physical Security

We simplify the breakdown of FIPS 140-2 Single-chip Level 3 requirements for physical security.

Get the Book
Fundamentals of Digital Signatures ebook guide

Fundamentals of Digital Signatures

Explore how digital signatures are made, and how to establish trust in a cyber world.

Get the Book

Other eBooks and Guides

by AEGISOLVE or Travis Spann
fault injection guide

Fault Injection and
Environmental Failure Testing

Fault induction is a process by which a device (and for the purpose of this discussion, in particular a cryptographic module) is forced to miscalculate defined operations, skip over required operations (such as password verification or self-tests), and exhibit other erroneous behaviors enabling the attacker (or tester) to gain access to sensitive data or unauthorized control of the device.

Get the Book
fault injection guide

Key Management
(DCI Memorandum)

On September 1, 2015, DCI provided to SMPTE a memorandum regarding its investigation into the implications of SP800-56Br1 compliance, should NIST decide to enforce it. In May 2016, NIST announced that it would enforce SP800-56Br1. This document is an update to DCI’s earlier FIPS memoranda regarding impact to Media Block (MB) designs and the Key Delivery Message (KDM).

Get the Book

Co-Authored Papers & Articles

How to design FIPS 140-2 cryptographic modules to meet TCG Implicit Identity Based Device Attestation

Avi Avanindra (Infineon), Sergey Ostrikov (Infineon), Travis Spann (Aegisolve)

This paper describes how to design and implement cryptographically secure devices, which meet the security requirements of FIPS 140-2 validation, while taking advantage of the Trusted Computing Group (TCG) defined device identification and attestation architecture.

Get updates from AEGISOLVE

News, publications, cybersecurity, FIPS, and DCI updates, and more