Advanced Search | Help

  HOME     |    TOPICS     |    BACK ISSUES     |    EVENTS     |    NEWS    



  
Reprints & Linking Info   Printer-Friendly    Email this Article   
 Submit
    Font Size     What's This?


[Product Features]
Elliptic Cryptography Strengthens Security
This security tool suite aims to protect government and corporate data in today's handheld, power-sensitive wireless devices.

John Blyler
April 2004

1) Misconceptions About Wireless Broadband Abound  89
2) Hack Your Way To WLAN Security  41
3) Unrealistic Expectations Threaten WiMAX's Success  33
4) Locked Your Keys In The Car? Get Out Your Cell Phone  29
5) Are Satellite-Broadband Systems Internet-Ready?  28
ALL TOP 20 >>

Most on-the-go, mobile wireless users need to transmit and receive their data with a reasonable level of security. Unfortunately, early wireless security methods like WEP required a great deal of processing power. As a result, users chose to disable their security features. The problem was the age-old dilemma of encryption algorithms versus processor speed and power consumption. The last two factors are directly related, as an increase in processing power typically requires more clock cycles. Additional clock cycles translate into more power consumption.

One solution is to build faster processors that consume less power. Another approach is to create encryption algorithms that provide equivalent or even greater levels of security while using less processing power. Certicom Corp. uses this method to develop products based on public-key technologies, such as the Advanced Encryption Standard (AES) and Elliptic Curve Cryptography (ECC).

ECC is an alternative to the older RSA system. It has been approved by standards organizations including ANSI, the IEEE, and the National Institute of Standards and Technology (NIST). It also has caught the eye of the United States' National Security Agency (NSA). Recently, that agency signed an agreement with Certicom to license 26 of its patents.

When combined with existing public-key security methods, carefully constructed elliptic-curve algorithms can provide faster encryptions using smaller key lengths. In turn, less processing is needed by the hardware in mobile, power-constrained devices. Standards-based, public-key technologies like AES and ECC provide a high level of security with relatively small key lengths.

Of course, having a set of standard cryptographic technologies is one thing. But knowing how to incorporate them into embedded wireless devices is a whole different issue. In response to this problem, Certicom has developed a suite of cryptographic tools and applications. Foremost among them is Security Builder GSE, the company's core developer toolkit for the government system. It has recently earned the Federal Information Processing Standards (FIPS) 140-2 certification for the Palm OS 4.1 platform. This achievement builds upon last year's FIPS validation on the Microsoft (www.microsoft.com) Windows and Microsoft Windows CE operating systems.

As a benchmark for security within government agencies, FIPS 140-2-validated products must undergo testing by accredited labs to satisfy NIST specifications. Because Security Builder GSE is FIPS certified, designers of government wireless devices can merely add the GSE module into their systems.

This toolkit serves as the primary cryptographic module for all of Certicom's security applications, such as movianVPN GSE and movianCrypt GSE for Palm. These products allow designers—especially in government agencies—to securely extend their networks to wireless handhelds using FIPS 140-2-validated applications. Motorola, for example, recently confirmed that it will embed movianVPN into its A760 smart phones.

The GSE C-based module provides a full range of cytological tools and functions, including those required by FIPS-certified systems. For example, the GSE module enables the handling-key-generation and random-number-generation (RNG) seeding.

In addition to supporting ECC, the Security Builder GSE module enables all of the standard cryptographic algorithms. They include DES, 2DEC, AES, SHA-1, and the RSA public-key algorithms.

Among the other toolkits in the company's Security Builder family are Security Builder Crypto, PKI, and SSL. Crypto 4.0 allows developers to build cross-platform cryptographic systems. Over 30 platforms are supported, including Microsoft Smartphone OS and Windows CE.Net.

Security Builder PKI is a digital certificate-management tool. SSL provides Secure Socket protocols for SSL/TLS data transmissions. All of the Security Builder products integrate security into C- and Java-based applications. Each one uses an API for both desktop and wireless applications.

Security Builder products are available immediately. Most are priced according to a license fee and royalties based on the number of devices.

Certicom Corp.
1810 Gateway Dr., Suite 220, San Mateo, CA 94404; (650) 655-3950, FAX: (650) 655-3951, www.certicom.com.

See associated figure

[Reader Comments]
Elliptic Cryptography Strengthens Security
READER COMMENTS:
We want to hear what you have to say about this article!



Enter the text from the image below


Please refresh the page if you have trouble reading this text.

     
Your email is only used if our editors need to contact you.
Connection Failure



PartFinder

Find real-time pricing, stock status, same-day/next-day shipping options and more. Brought to you by Digi-Key. Go to PartFinder.    
GlobalSpec

PART SEARCH :
Powered by: GlobalSpec - The Engineering Search Engine
Sponsored Links
Electronic Design Europe Electronic Design China EEPN Microwaves & RF Schematics
Electronic Design Military Electronics Featured Vendors EE Events Free Design Resources



Planet EE Network Home | Contact Us | Editorial Calendar | Media Kit | Headlines | Site Feedback & Bugs
Copyright © 2008 Penton Media, Inc., All rights reserved. Legal | Privacy