From the Palm VII White Paper...
Palm VII Handheld Technology
Industrial Strength Security
The Palm VII wireless handheld integrates security features suitable for such security-conscious applications as electronic commerce. From the moment a new user enters credit card information to activate a service account, the need for security is ongoing as confidential information flows back and forth across the web.
Most existing security systems are not optimized for small devices. Certicom Corp., a leading provider of cryptographic security technologies, developed secure technology for the Palm VII handheld based on its implementation of an advanced security technology called Elliptic Curve Cryptography (ECC). ECC is widely recognized as the next generation in security technology. It provides higher levels of security at smaller key sizes than any other known public-key cryptographic system. The Certicom implementation significantly increases data throughput and reduces demand on resources. It provides the compact security, high processing efficiency and broad platform support that a small wireless handheld requires.
The full set of security measures for the Palm VII handheld include:
- Elliptic Curve Cryptography technology from Certicom.
- Data Encryption Standard Extended (DESX) data encryption combined with superior elliptic curve key management.
- Message Integrity Check (MIC) encryption and protection, detecting transmission errors and preventing eavesdropping.
- Secure Sockets Layer (SSL) encryption and protection between the Palm Computing © Web Clipping Proxy and other servers.
- Network authentication via the BellSouth Wireless Data network, protecting against hijacking and spoofing.
- Physical security of the Palm Computing Web Clipping Proxy and iMessenger software.
Palm Computing selected the elliptic curve cryptosystem, pioneered by Certicom, for the Palm VII public key cryptographic functions because of its unparalleled security, efficient software implementation, operating speed, and small message size. With ever-increasing computer power available to hackers for cryptanalysis, public key cryptosystems must use the largest key length practical. However, use of traditional cryptosystems results in very long message lengths, slow system response times, and decreased battery life. Certicom's advanced elliptic curve cryptosystem enables significantly shorter message sizes with the security strength of their 163-bit keys. These keys are equivalent in strength to RSA 1024-bit keys, thus minimizing message lengths without sacrificing security.
palm.com |
