Elliptic Curve Cryptosystem Security Technologies are Approved Certicom Sponsored Work Items by ASC X9.TORONTO--(BUSINESS WIRE)--April 30, 1996--Certicom, a leading information security company, today announced that the American National Standards Institute See ANSI. (body, standard) American National Standards Institute - (ANSI) The private, non-profit organisation (501(c)3) responsible for approving US standards in many areas, including computers and communications. ANSI is a member of ISO. (ANSI (American National Standards Institute, New York, www.ansi.org) A membership organization founded in 1918 that coordinates the development of U.S. voluntary national standards in both the private and public sectors. It is the U.S. member body to ISO and IEC. ) accredited accredited recognition by an appropriate authority that the performance of a particular institution has satisfied a prestated set of criteria. accredited herds cattle herds which have achieved a low level of reactors to, e.g. standards committee ASC ASC Ambulatory surgery center, see there X9 has approved work items sponsored by Certicom. These security technologies for the financial industry use Elliptic Curve Cryptosystem (ECC (1) (Error-Correcting Code) A type of memory that corrects errors on the fly. See ECC memory. (2) (Elliptic Curve Cryptography) A public key cryptography method that provides fast decryption and digital signature processing. ) for the provision of information security services. The work items, Elliptic Curve Digital Signature Algorithm The Digital Signature Algorithm (DSA) is a United States Federal Government standard or FIPS for digital signatures. It was proposed by the National Institute of Standards and Technology (NIST) in August 1991 for use in their Digital Signature Standard (DSS) (ECDSA ECDSA Elliptic Curve Digital Signature Algorithm ECDSA Extended Cics Dynamic Storage Area )(X9.62) and Elliptic Curve Key Agreement and Key Management (X9.63), will now proceed through the ANSI standards development and consensus process. "The approval of these work items is very exciting," according to Blake Greenlee, chair of X9F1. "Security technologies based on elliptic curves meet the needs of emerging high volume financial transaction systems. These standards will reduce communications costs and processing time while increasing security; and, they will define technology implementable on smart cards because of the benefits ECC provides compared to more mature public-key algorithms." Draft standards will be presented by Certicom to the meeting of X9F1 in Naples, Fla., this week. The Digital Signature Algorithm (DSA (1) (Directory Server Agent) An X.500 program that looks up the address of a recipient in a Directory Information Base (DIB), also known as white pages. It accepts requests from the Directory User Agent (DUA) counterpart in the workstation. ) is the U.S. Government digital signature standard approved by NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. and the financial industry standard (X9.30-1) approved by ANSI. ECSDA ECSDA European Central Securities Depository Association (stock market) is the elliptic curve analogue of the DSA and will be available to governments and commercial users who want to take advantage of the benefits offered by elliptic curves. The Elliptic Curve Key Agreement and Key Management document describes several methods for key agreement and key transport using elliptic curve systems. The purpose of these standards is to define security processes based on elliptic curves that can be used to reduce communications costs and processing time in high transaction volume applications. Cindy Fuller, the associate director of standards and X9's administrator, said, "The parent X9 committee had a presentation of the elliptic curve technology at our Spring meeting and was very impressed. The membership feels this technology offers the banking industry a great deal of flexibility." Elliptic Curve Cryptosystems (ECC) provide strong security at small key sizes. Cryptographic algorithms require the use of steadily lengthening keys in order to counter advances in the computing power of attackers. This results in longer financial message size and increased processing time, thereby increasing costs. Cryptographic processes based on ECC provide efficient computation techniques which reduce communications and computation costs, thereby substantially reducing costs. In addition, implementation of key management in smart cards can be very costly and requires the dedication of a major portion of the IC chip. ECC uses minimal code space and memory on a smart card, allowing additional capacity for primary applications and permitting the use of low cost cards. Digital information security comprises a variety of technologies to prevent the unauthorized disclosure, alteration or removal of information; to control access to information moving across networks; and to verify the integrity of electronic files and user identity. These technologies require encryption and digital signatures based on public-key cryptography. ECC is the next generation in public-key technology because of its high strength in small key sizes. X9F is the subcommittee within X9 which develops the information security standards The term "standard" is sometimes used within the context of information security policies to distinguish between written policies, standards and procedures. Organizations should maintain all three levels of documentation to help secure their environment. for the financial industry - specifically, financial services data and information security. Its members include nationally recognized technical and financial service experts who develop and review standards within a public consensus forum. These standards define prudent business practices in accordance with X9 and ANSI procedures. Certicom is a leading information security company with experience and expertise in Elliptic Curve Cryptosystems. Certicom develops and implements advanced public-key cryptographic technology and provides public-key consulting and security solutions to the financial industry. These solutions provide security for applications such as remote banking over the Internet and electronic commerce. Certicom shares are quoted on the Canadian Dealing Network Canadian Dealing Network (CDN) The organized OTC market of Canada. Formerly known as the Canadian Over-the-Counter Automated Trading System (COATS), the CDN became a subsidiary of the Toronto Stock Exchange in 1991. under the symbol "CERT." CONTACT: Certicom Corp. Jennifer Vancini, 905/507-4220 or ANSI X9F1 Blake Greenlee, 203/762-8580 |
|
||||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion