At an encryption conference held in Toronto, Canada, in January 2005, about 60 encryption systems integrators and middleware vendors from around the globe gathered to discuss their concerns. They said that the toughest job facing them is being able to fix the security holes in their products to meet the encryption requirements of the Federal Information Processing Standard 140-2 (FIPS 140-2). In fact, they noted, about 30% of the new cryptographic modules fail to pass the FIPS 140-2 tests designed by NIST (National Institute of Standards and Technology), and about 20% of returning modules continue to have security bugs. Another concern that surfaced among the attendees was wireless security. Though many middleware developers want to extend their applications to a wireless environment, no real standard, they admit, seems to have replaced the broken Wired Equivalent Privacy algorithm.

See Also: Algorithm; Key; NIST (National Institute of Standards and Technology).