BYTE.com
RSS feed
Archives
Columns
Features
Print Archives 1994-1998
Special
Michael Abrash's Graphics Programming Black Book
101 Perl Articles
About Us
Write to BYTE.com
Advertise with BYTE.com

Newsletter
Free E-mail Newsletter from BYTE.com
Email Address
First Name
Last Name




 
    
  HOME   ABOUT US   ARCHIVES   CONTACT US   ADVERTISE    
BYTE.com > Features > 2005

Throwing Cryptography a Curve Ball

By Dr. Scott Vanstone

August 1, 2005

(Throwing Cryptography a Curve Ball :  Page 1 of 1 )



A quick look back through the history of cryptography makes one thing perfectly clear: Security is never absolute. New technologies, new threats, and new practical demands are constantly emerging, reshaping expectations—and sometimes even redefining what "security" means in the first place.

As a result of this ongoing evolution, cryptographic algorithms that once reigned supreme—DES, RSA and the like—have begun to show their limitations (and in the case of DES, have reached them). This has implications for manufacturers and security engineers building devices today, because the level of security they choose to build into their equipment will have a direct impact on the real-world lifecycle of that equipment. If security functionality can't stand up to the test of time, the longevity of the device itself is compromised.

Elliptic curve cryptography (ECC), once the young upstart of cryptographic algorithms, has now been shown to meet the most stringent long-term security requirements. The NSA has adopted ECC, and it has been recognized by accredited standards bodies such as the American National Standards Institute (ANSI) and the International Standards Organization (ISO).

But what is ECC, and what will it mean for the software industry?

Public-Key Cryptography

Throughout history, encryption has been used to protect the confidentiality of data. In the 1970s, the Data Encryption Standard (DES) was designed, and in a few years became a worldwide de facto standard. DES is an example of a 'symmetric-key' algorithm, so called because the two communicating parties need to share a secret key—this key is used to encrypt data as well as to decrypt it. DES can also be used to authenticate data, so that a recipient can be assured of the source of the data. Again, the two communicating parties need to share a secret key in order to be able to authenticate data sent to each other.

There are some difficulties inherent to deploying symmetric-key cryptography on a large scale.

 Page 1 of 1 


BYTE.com > Features > 2005
Dr. Dobb's Media Center
BYTE.com Store

BYTE CD-ROM
NOW, on one CD-ROM, you can instantly access more than 8 years of BYTE.
 
The Best of BYTE: Volume 2 - Heuristic Algorithms
The Best of BYTE: Volume 2 - Heuristic Algorithms
In this volume of Best of BYTE, we explore the emergence of some heuristic algorithms. Although we have only scratched the surface of this intriguing subject, we hope we've suggested the potential of the synthesis of heuristics and algorithms.

© 2008 Think Services, Privacy Policy, Terms of Service, United Business Media Limited
Site comments: webmaster@byte.com
Web Sites: BYTE.com, dotnetjunkies.com, Dr. Dobb's Journal, SD Expo, Sys Admin, sqljunkies.com, Unixreview



MarketPlace
IT Service Management that Delivers. Real Value. Real Flexibility. Real Results. Free Demo.
Fast online exception analysis. Capture customer crash data online.
One Stop to Buy All Your Business IT Solutions. Browse Through Dell's Best Deals Online Now!
Find Scalable and Secure Dell� Network Server Solutions at Dell� - Official Site.
Advance Your Business Technology Now with the Thin and Portable Business Solutions at Dell.com Now!
Wanna see your ad here?
 

web2