Cryptography for Mexican companies in 2026: the minimum you should know
Post-quantum, TLS 1.3, key management, digital signatures. A pragmatic guide for Mexican CTOs and IT directors.
"Cryptography: the power of ciphers" is one of my flagship talks. I have delivered it at Campus Party, FLISOL, UNITEC and IPN. These are the concepts every Mexican company should understand in 2026.
TLS 1.3 — today's minimum
If your site still serves TLS 1.0 or 1.1, you are in critical territory. TLS 1.3 with HSTS enabled is the floor.
Keys: rotation and custody
Keys are not files in the repo. Vaults (HashiCorp Vault, AWS KMS, Azure Key Vault) with quarterly rotation.
Post-quantum — not urgent, but not optional
NIST standardized post-quantum KEMs in 2024. In 2026 you should have a 5-year migration plan.
Digital signature with legal value
In Mexico, the SAT's FIEL and e.firma signatures. Know their limits and use them correctly.