Latest Posts
-
What a Cryptographic Key Management System Should Look Like
.
Whenever people discuss application security, encryption is usually one of the first topics that comes to mind. Developers often compare algorithms such as AES and RSA, trying to determine which one provides stronger protection. While selecting the right algorithm is important, there is another component that deserves even more attention. That component is cryptographic key…
-
Designing a Key Management Program
.
In many software projects, security is often discussed in terms of encryption algorithms, secure APIs, or compliance frameworks. However, one topic that is often underestimated is key management. Encryption itself is usually not the problem. The real challenge is how we manage the keys used for encryption. A strong algorithm like AES or RSA can…
-
Backup, Archive, and Recovery: What NIST Really Says About Keeping Keys Safe
.
When people talk about cryptography, most of the time the focus is on algorithms. AES, RSA, ECC, hashes, signatures. Those are important, of course. But after years of working with payment systems, compliance audits, and real production incidents, I learned something very practical. Crypto usually does not fail because the math is broken. It fails…
-
Understanding Key Usage: When to Use Which Key (Signing, Encryption, MAC, KDF)
.
In many projects I worked on, especially payment systems and backend services, cryptography was always there. Sometimes very visible, sometimes hidden deep inside libraries or infrastructure. One thing I noticed over the years is that people often talk about keys as if they are all the same. A key is a key, right? Just keep…
-
Key Management Failures I’ve Seen (And How NIST Prevents Them)
.
Key management is one of those topics that sounds boring until something goes wrong. In many projects I worked on, encryption was already implemented, HSMs were already deployed, and everyone assumed security was handled. Then audits happened. Or incidents. Or simple operational changes. That is usually when hidden problems around key management start to appear.…
About Me
Hi I’m Assi—I’m dedicated to advancing cashless payment technology and sharing insights with fellow developers and solution architects on my blog, Cashless Nomad.
I embrace a mobile lifestyle by replacing cash with digital payments, enabling seamless transactions anywhere. Going cashless keeps me connected, agile, and financially flexible—perfect for traveling light and skipping currency hassles.
Checkout my other blogs at marai.dev