August 13, 1997 5:00 PM PDT

Certicom offers alternative to RSA

Related Stories

Free crypto plan could hurt RSA

August 12, 1997

VeriFone chooses encryption

June 20, 1997

Security put to the test

September 10, 1996

GNN adds new dimension to cyberspace

April 24, 1996
Canadian company Certicom is making inroads into the encryption market by giving users the option of using its elliptic curve cryptography rather than the more common RSA Data Security code.

Today the company announced that it create two encryption plug-ins to the Microsoft (MSFT) CryptoAPI security framework. Elliptic curve cryptography is based on a different mathematical algorithm from RSA encryption, which is by far the market leader in cryptography. Elliptic curve crypto requires less computing power to create, encrypt, and decrypt communications, according to Certicom.

"CryptoAPI will become one of the pivotal architectures in electronic commerce and securing desktop applications," said Philip Deck, Certicom chief executive. "Elliptic curve cryptography and Certicom are really becoming part of the infrastructure."

CryptoAPI allows different vendors to plug in modules for cryptographic functions in Windows applications. That lets software application developers choose different modules and change them as new technologies emerge. Making changes is more difficult if the cryptography is written into the application itself.

Microsoft's Edmund Muth said more than 14 companies, including Microsoft, have created plug-ins for CryptoAPI. Others include Atalla, Hewlett-Packard Trusted Information Systems, and Cylink.

Certicom will do two separate plug-ins for creating digital signatures, which verify the identity of a sender and assure that a communication has not been tampered with.

Certicom, formed five years ago, only has been marketing its cryptography since March, but it's been aggressively marketing its products. Certicom also is developing a crypto chip for wireless with Motorola, which recently took a 5 percent stake in Certicom.

Elliptic curve cryptography is likely to be added to version 2.0 of the Secure Electronic Transactions protocol, created by MasterCard and Visa for secure payment card transactions over the Internet.

Certicom is considering similar plug-ins for security architectures from Intel and Netscape Communications.

 

Join the conversation

Add your comment

The posting of advertisements, profanity, or personal attacks is prohibited. Click here to review our Terms of Use.

What's Hot

Discussions

Shared

RSS Feeds

Add headlines from CNET News to your homepage or feedreader.