MEDIA ADVISORY: Certicom's ECC Encryption Uniquely Suited to US Government's Standard for Global Information Security
HAYWARD, CA, Dec 11, 2001 /PRNewswire via COMTEX/ -- The U.S. Commerce Department's adoption of a new Advanced Encryption Standard (AES) on Dec. 4 as Federal Information Processing Standard 197, sets a new benchmark for global information security, according to Certicom (Nasdaq: CERT; TSE: CIC), a leading provider of mobile e-business security. AES is a symmetric-key algorithm that replaces the long- standing Data Encryption Standard (DES), and is the culmination of a four-year effort by computer scientists at the Commerce Department's National Institute of Standards and Technology (NIST) to achieve a highly secure algorithm.
Certicom's Elliptic Curve Cryptography (ECC) is a complementary public- key algorithm that is uniquely suited among public-key cryptosystems to provide strong security for use with the new AES. Although DES has been widely used since the mid-1970's, its small key size of 56 bits makes it inadequate for most present-day security applications. The AES algorithm has key sizes of 128, 192, and 256 bits, which provide increased security.
Security solutions, such as security protocols on the Internet, employ a combination of symmetric-key algorithms, like the AES, and public-key algorithms, like ECC, to ensure secure communications. Security solutions are only as strong as their weakest component, so public-key algorithms offering comparable security to AES must be deployed. ECC 512-bit keys can provide comparable security to 256-bit AES; by comparison, other public-key systems like the RSA algorithm will require more than 15,000-bit keys for the same job. At a 256-bit AES key size, an ECC signature can be created approximately 500 times more quickly than an RSA signature. Smaller ECC keys mean lower processing power, storage space, and bandwidth are required, enabling developers to meet the future security requirements for mobile devices. |
