Hi Robin - I'm sure that you're right but I thought that I should err on the conservative side.
Now, how about this. Here's our article in Information Week - came out a week ahead of schedule. Also the Globe & Mail (Canada's National Business Daily) will mention Jaws in next (probably) Thursday's edition. The article will most likely talk about the Canadian Government's policy of allowing Canadian firms to export strong encryption.
The Information Week Article
techweb.com
September 28, 1998, Issue: 702
Section: Networking
--------------------------------------------------------------------------------
Security Stronghold -- Jaws Technologies Touts 4,096-Bit Key Encryption Product As Strongest Yet
Beth Davis
All of today's computing power churning concurrently for hundreds of years-that's what it would take to crack new data encryption technology from Jaws Technologies Inc., according to the Canadian startup that recently launched a security product based on an encryption algorithm that uses 4,096-bit keys to scramble data.
The complex algorithm, which has been in development for 17 years, is eminently more powerful than the encryption technologies used by most companies. The strongest employed in most commercial installations is 128-bit key encryption.
Jaws' technology is probably the strongest encryption on the market, four times the strength of what's considered strong, says Robert Chomentowski, an analyst at Frost & Sullivan. "Four times amounts to being exponentially stronger," he says. "Every time you double the number of bits in the key, it becomes much stronger. For example, the difference between 56-bit and 1,024-bit is really thousands of times stronger."
For a message scrambled with 40-bit key encryption, it would take 1,099,511,627,776 guesses to decrypt it, according to Robert Kubbernus, CEO and chairman of Jaws, in Calgary, Alberta. For a message encrypted with a 4,096-bit key, there isn't even a name for the number of guesses it would take, he says.
"For a 56-bit key, there are 72 trillion combinations," Kubbernus says. "For 4,096-bit key encryption, there are 411 commas in the number that represents the number of combinations. We are way past the last scientific number defined."
Another way to look at it, Jaws executives say: You'd need to hit a hole-in-one on a 150-yard tee more than 1,000 times in a row. Or, you could cover the earth 3 feet deep with golf balls to equal the number of permutations a 4,096-bit key could create.
Jaws Technologies is so confident of its encryption strength that it offered $5 million to anyone who could decipher a text message scrambled with Jaws L5 encryption. None of the nearly 600 entrants from some 35 countries who took on the three-month challenge this summer was successful.
Who Needs The Muscle?
But Jaws' strength prompts the question: Does anyone really need it? Kubbernus and his team think so. With the market for electronic commerce growing rapidly, security must keep up, Kubbernus says: "One hundred twenty-eight-bit encryption is probably secure for now. But where the problem lies is with that big word probably."
Business users agree. Says Jim Fish, chief operating officer at Axion Internet Communication Inc., "One hundred twenty-eight-bit encryption has already been broken, and I don't think breaking 256-bit is too far down the road." Axion, a regional Internet service provider in western Canada, is using Jaws encryption to build secure E-mail apps for its customers. Axion expects to test the application in December. Two law firms and an international insurance broker are planning to participate, Fish says.
"With E-mail over the Internet becoming a key business tool, and with more sensitive business information being sent over the Internet, we need this," Fish says.
The security market is competitive and crowded. Companies such as Security Dynamics (which owns well-known encryption developer RSA Data Security) and Network Associates (which last year bought another encryption leader, Pretty Good Privacy) already have a corner on encryption.
Knowing this, Kubbernus says, Jaws Technologies needed more than strong encryption. "For a young company, we had to come out with a substantial difference from the rest of the encryption software available," he says. Jaws also wanted its product to be invisible to the end user. "If securing communications adds more things to do at the end of the day, you won't use the security," Kubbernus says. "It has to happen right on the operating system. When you shut down your notebook, for example, it should just encrypt your data automatically.''
Jaws lets users encrypt all types of files or an entire directory. It uses public-key and private-key mechanisms. It requires about 2 Mbytes of memory, and benchmark tests on a Dell Pentium II 300 with 128 Mbytes of RAM showed that it can encrypt a 4-Mbyte file (a high-quality image, for example) in about 4-1/2 seconds, the company says.
Encryption From An Early Age
The first incarnation of the Jaws L5 Data Encryption was developed by Jim Morrison, chief programmer at the company. At age 7, Morrison developed his first encryption algorithm to protect his data from fellow classmates. Now 27, he's spent his life developing the extra-strong encryption.
"I don't think I could calculate the hours anymore that I've spent on this. It became a pet project of mine, and I would stay up until I dropped, basically, working on it," Morrison says.
The hours have hurt Morrison, who wears ultraviolet lenses to protect his eyes, which are sensitive to light after spending so many years using early computers, which didn't meet today's radiation standards. He works in a windowless room, with only one light in the corner.
Nevertheless, Morrison's dedication has paid off. In February 1998, E-Biz Solutions bought Jaws L5 encryption; two months later, E-Biz changed its name to Jaws Technologies Inc. Publicly traded on the Nasdaq-OTC/BB stock exchange (JAWZ), the company expects to release first-quarter financials soon.
With 20 employees, Jaws is planning future products as well. Work is near completion for the next level of encryption-16,384 bit, Kubbernus says. The company is negotiating with a microchip manufacturer to develop hardware based on the 4,096-bit encryption. Jaws also wants to partner with software vendors, Kubbernus says.
It may be too early to tell whether 4,096-bit encryption will become mainstream, but there are companies looking for such strong security, particularly in financial markets, Chomentowski says. "The stronger, the better," he says. "There is always going to be a market for securing ultrasensitive data.'' ---
At A Glance: Jaws L5 Data Encryption
Key lengths: 40, 56, 128, 1,024, and 4,096 bits
Program size: 386 Kbytes
memory required; at least 2 Mbytes of free RAM
Program speed: 4,096-bit key encrypts a 4-Mbyte file in 4.29
seconds; decrypts in 4.28 seconds
Systems supported: Microsoft's Windows 3.11, 95, NT; Sun's Java
Copyright ® 1998 CMP Media Inc.
Barrie Einarson
bbruin@home.com
|
