ATM Security Committee Votes for Freedom of Choice; Decision prompted by confidence in Cylink's Diffie-Hellman Key Management Security Mechanism.SUNNYVALE, Calif.--(BUSINESS WIRE)--July 22, 1996--The ATM Technical Committee's Security Working Group voted last month on the encryption and authentication mechanisms to be deployed as "default" for ATM (asynchronous transfer mode See ATM. (communications) Asynchronous Transfer Mode - (ATM, or "fast packet") A method for the dynamic allocation of bandwidth using a fixed-size packet (called a cell). See also ATM Forum, Wideband ATM. ATM acronyms. Indiana acronyms. ) networks; Cylink Corp. made an important move to enable freedom of choice. As the first and only company to build an ATM cell encryptor, (now commercially available as a joint development with GTE), Cylink participated in this forum for the first time, presenting solutions to the committee which changed the direction and the outcome of this vote. Dr. Louis Finkelstein, senior staff engineer, Motorola Corp., said the RSA (1) (Rural Service Area) See MSA. (2) (Rivest-Shamir-Adleman) A highly secure cryptography method by RSA Security, Inc., Bedford, MA (www.rsa.com), a division of EMC Corporation since 2006. It uses a two-part key. cryptographic method which was the default standard for ATM is no longer the technology of choice. RSA has two major problems: (1) a royalty fee is associated with its use, and (2) the technology has a weakness in that one party can force a key of its choosing into the cryptosystem. As a solution, Cylink offered royalty-free Diffie-Hellman for key management, providing greater security by requiring both communicating parties to generate the encryption key. The majority of the committee member companies showed a distinct preference for Diffie-Hellman and DSS. Recognizing the benefit in having Diffie-Hellman and DSS as options, the committee then elected not to have a default security method, but instead to list each technology as "optional." "It is vital that public key technology become ubiquitous, especially as the future success and adoption of new communications technologies such as ATM depend upon it," said David Morris, executive vice president for Cylink Corp. "The value of Public Key Cryptography An encryption method that uses a two-part key: a public key and a private key. To send an encrypted message to someone, you use the recipient's public key, which can be sent to you via regular e-mail or made available on any public Web site or venue. lies in its application, not in the patents or fees derived from selling licenses. This is why Cylink has adopted a policy of granting royalty-free licenses for the Diffie-Hellman Public Key technology with regard to standards-based implementations." "This decision will prove to be critical for network managers who want to build secure, production-worthy ATM networks," said David Benham, senior manager of Cisco's ATM Internetwork Operating System (Cisco IOS) Software. "Cisco has purchased the rights to freely distribute the source code to the Diffie-Hellman key exchange Diffie-Hellman (D-H) key exchange is a cryptographic protocol that allows two parties that have no prior knowledge of each other to jointly establish a shared secret key over an insecure communications channel. and makes it available to all third parties on a royalty-free basis. This, in addition to Cylink's ATM cell encryptor, will assist users in deploying standards-based encryption and key management for ATM networks just like they can for IP today." "The committee made an important decision that will undoubtedly accelerate the use of public key technology in ATM communications," said Larry Rhue, vice president and general manager, Marketing and Product Management, GTE. "Instead of imposing a default standard on all ATM users, the committee wisely chose a path that lets users select the encryption method that provides a level of security commensurate with their concerns and needs. Cylink's offer to grant royalty-free licenses for Diffie-Hellman public key technology should help establish it as a de facto standard Hardware or software that is widely used, but not endorsed by a standards organization. Contrast with de jure standard. de facto standard - A widespread consensus on a particular product or protocol which has not been ratified by any official standards body, such as ISO, for secure ATM communications." "There are various (competing) public key technologies that are available in the marketplace. Diffie-Hellman is a key distribution means that is more resistive to a man-in-the-middle attack under some conditions," said Finkelstein. "The computer world is standardizing on certificates. These certificates are primarily based on public key technologies." ATM's advantages include bandwidth-on-demand, transfer of broadcast-quality video, voice and data, as well as significant cost savings in moving from a private leased line to public services. Through Cylink technology, companies are able to move to ATM without compromising protection of their data. Cylink is the recognized world leader in public key cryptography, holding exclusive patented rights to the fundamental public key U.S. patents owned by the Leland Stanford Junior University, Cryptographic Apparatus and Method (Hellman-Diffie) No. 4,200,770, and Public Key Cryptography Apparatus and Method (Hellman-Merkle) No. 4,218,582. These patents cover all methods of public key cryptography, including Diffie-Hellman key exchange and the DSS. DSS is a federal information processing standard Federal Information Processing Standards (FIPS) are publicly announced standards developed by the United States Federal government for use by all non-military government agencies and by government contractors. (FIPS (Federal Information Processing Standards) A series of publications issed by the U.S. National Institute of Standards and Technology (NIST) that specifies information security guidelines for federal government departments and agencies. ) for providing digital signatures, and an ANSI (American National Standards Institute, New York, www.ansi.org) A membership organization founded in 1918 that coordinates the development of U.S. voluntary national standards in both the private and public sectors. It is the U.S. member body to ISO and IEC. standard. Diffie-Hellman is part of the existing and proposed business and financial security standards of ANSI, IEEE (Institute of Electrical and Electronics Engineers, New York, www.ieee.org) A membership organization that includes engineers, scientists and students in electronics and allied fields. , ITU-T See ITU. ITU-T - International Telecommunications Union , ISO (1) See ISO speed. (2) (International Organization for Standardization, Geneva, Switzerland, www.iso.ch) An organization that sets international standards, founded in 1946. The U.S. member body is ANSI. , IETF See Internet Engineering Task Force. IETF - Internet Engineering Task Force for Internet, World Wide Web and electronic commerce, such as Cisco's ISAKMP (Internet Security Association and Key Management Protocol) A framework for establishing trusted interactions among entities using TCP/IP. See IKE. ISAKMP - Internet Security Association and Key Management Protocol and Sun's SKIP reference implementations for the IETF. Cylink Corp. (NASDAQ NASDAQ in full National Association of Securities Dealers Automated Quotations U.S. market for over-the-counter securities. Established in 1971 by the National Association of Securities Dealers (NASD), NASDAQ is an automated quotation system that reports on : CYLK) has been the leading provider of security and management for every type of network since 1984. Cylink's security products enable secure data transmissions over local area networks (LANs), wide area networks (WANs), public packet switched networks (such as the Internet) and Asynchronous Transfer Mode (ATM) and Frame Relay networks. Headquartered in Sunnyvale, Cylink's customers include Fortune 500 companies, multinational financial institutions and international government agencies. Cylink also provides comprehensive network security consulting services. For more information about Cylink and its family of hardware, software and network security products, visit the company's Web site at http://www.cylink.com. CONTACT: Cylink Corp., Sunnyvale Ina McGuinness, 310/207-9300 (investor contact) or Paula Contos Dunne, 408/523-5993 or 408/229-7721 (pager) pdunne@cylink.com |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion