RSA to Support Upstart Mode of Encryption

In the higher-math equivalent of a diplomatic thaw, the most powerful company in data encryption has offered an olive branch to an upstart that had been making some nasty competitive noises.

The opening could promote advances in smart cards and credit card security on the Internet, two places where the banking industry has not kept up with hopes and expectations.

RSA Data Security Inc., which sets the de facto standards for the codes that scramble and protect computerized information and electronic messages, is making room in its tool kit for an encryption method based on the mathematics of elliptic curves.

Though the mathematics of elliptic curves has been studied since the last century, it has in recent years gained a commercial champion in Certicom Corp. The Canadian company's product claims evoked heated responses from RSA and some eminent cryptographers, who warned that elliptic curve cryptosystems had not been studied or stress-tested as thoroughly as the established algorithms.

Now RSA wants to provide a proving ground and go further than Certicom has. For example, it wants to support all three variations of elliptic curve cryptography, not just the one Certicom chose.

For the moment, Certicom is finding some vindication.

"There was mudslinging, there was the question of would everyone accept it," said Certicom president and chief executive officer Philip C. Deck. "Necessity will push" the elliptic curve method, he said. "Now everyone can see it is real, here, and well-accepted."

Certicom has touted its Certicom Elliptic Curve Engine, or CE2, as a more economical alternative to the widely accepted RSA methods, particularly in devices like smart cards and wireless telephones that do not easily accommodate RSA-strength processing. Its licensees include the chip-card producer Schlumberger, chip-maker and cell-phone leader Motorola, and, as of last week, 3Com Corp. for Palm Pilot personal digital assistants.

Without elliptic curve, Mr. Deck said, cryptography, and therefore electronic commerce, would be impossible on devices like Verifone Inc.'s Personal ATM, a hand-size smart card reader that hooks into phone lines.

Elliptic curve has also piqued the interest of MasterCard, Visa, and their technology-company associates as a potential upgrade to the Secure Electronic Transaction (SET) protocol. The long-awaited SET 1.0 version is just coming out.

Because a SET payment requires numerous public key encryption and signature operations, which are computationally expensive, a move to elliptic curves, with their smaller keys and reduced memory requirements, might ease the burden on sellers' and buyers' computers.

RSA is not necessarily agreeing with Certicom's claims. In enhancing its BSAFE tool kit, RSA is encouraging system developers to subject elliptic curve to the rigorous testing that the more established algorithms underwent before they gained their rightful places in the tool kit, and hence in commercial use.

RSA officials' statements and company literature are still laced with disclaimers about how elliptic curve is in its infancy, not widely used, and in need of further scrutiny.

Jim Bidzos, president of RSA Data Security, pointed out that many proposed public key cryptosystems "have been broken or found too costly," perhaps implying that elliptic curve might eventually suffer such a fate.

But he also said, "Elliptic curve cryptosystems appear promising at this point and deserve further analysis."

Indeed, the Redwood City, Calif., vendor, a subsidiary of Security Dynamics Technologies Inc. of Bedford, Mass., said it was responding to marketplace clamor. It said it had started the same work a year ago but was waylaid by demand for Java-based security.

"Our focus has always been on providing the right cryptographic technology to suit the diverse needs of our customers," Mr. Bidzos said.

Microsoft Corp. and Netscape Communications Corp., not the best of friends, issued statements of approval. They were in an initial group of 10 companies that RSA said had agreed to participate in an elliptic curve field trial in the second quarter, when the BSAFE 4.0 version is to be shipped.

Also in the test group were Verifone and Atalla Corp., licensees that had representatives present last March when Certicom celebrated the opening of its San Mateo, Calif., office, which is now its sales and marketing headquarters.

At the annual conference that RSA held last week in San Francisco, an event of such industrywide importance that Certicom executives attended and hung on every word about elliptic curve, RSA said it hoped to sign at least 50 developers for the trial by March 31.

"There is still a lot to be learned," said RSA vice president of marketing Scott Schnell. "The benefit of a field trial is, we will start getting a broad community shipping, hacking into, and understanding how to use the technology."

RSA expects elliptic curve to be best suited to small devices rather than personal computers, and to uses in which data protection needs are "transitory."

Victor Chang, RSA vice president of engineering, told the conference that elliptic curve's advantage is that a key of 160 bits (the binary digits that make up a key) offers the same security, against the best attacks known, as a 1,024-bit RSA key. That makes elliptic curve "the clear winner in a constrained environment."

Contradicting Certicom, Mr. Chang said elliptic curve public key operations, those performed with the openly exchanged key, such as verifying a signature or encrypting to a recipient, as opposed to signing or decrypting with the key that is kept private, are slower than RSA's.

"We were surprised to hear our implementations are not very fast," said Mr. Deck. "We would ask, 'If they are not faster, why is RSA supporting'" elliptic curve?

Referring to 3Com's personal digital assistant, Mr. Deck added, "They are saying they need this to make their PDA the most secure platform around. These small, cheap devices will be the most numerous computers in the world. If our technology works in the most constrained, low-power platforms, it can certainly be compatible with desktop equipment."

Michael Wiener, senior cryptologist at Entrust Technologies in Ottawa, Canada, measured the speed of elliptic curve against conventional algorithms in electronic mail, on-line communications, key exchanges, and other functions. His assessment: "The best choice depends on your setting."
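Mr. Wiener's "it depends" and the dispute between Mr. Chang and Mr. Deck over public key speed can be made concrete by counting operations. The Python program below is an added example, not code from RSA Data Security, Certicom or the article: it tallies the modular multiplications and inversions in a 160-bit double-and-add scalar multiplication and in 1,024-bit square-and-multiply exponentiations, once with the customary public exponent 65537 and once with a full-length private exponent. Everything in it is constructed for illustration: the curve uses the secp160r1 field prime but our own coefficient b and base point (so its group order is unknown and it is unfit for real keys), and the modulus, exponents and scalar are fixed pseudo-random numbers. Only the operation counts, which depend on the bit lengths, carry over to real keys.

```python
"""Operation counts: a 160-bit elliptic-curve scalar multiplication versus 1,024-bit RSA
exponentiations. Added illustration, not code from RSA Data Security, Certicom or the
article. The curve is a constructed toy: the field prime is the secp160r1 prime, but b
and the base point are our own choice, so the group order is unknown; never use it for keys."""
import hashlib

P = 2**160 - 2**31 - 1        # 160-bit prime; P % 4 == 3 makes square roots easy
A, B = P - 3, 7               # toy curve y^2 = x^3 + A*x + B  (B is an assumption)

def _derive(tag, nbytes):     # deterministic pseudo-random integer (constructed input)
    d = hashlib.sha256(tag).digest()
    return int.from_bytes((d * (nbytes // 32 + 1))[:nbytes], "big")

K = _derive(b"toy 160-bit scalar", 20) | (1 << 159)            # full-length EC scalar
E = 65537                                                       # customary RSA public exponent
D = _derive(b"toy 1024-bit private exponent", 128) | (1 << 1023) | 1
M = _derive(b"toy 1024-bit modulus", 128) | (1 << 1023) | 1    # NOT a real RSA modulus
BASE = 2**64 + 13                                               # arbitrary message value

def new_counter():
    """Tallies modular multiplications (squarings included) and inversions."""
    return {"mul": 0, "inv": 0}

def fmul(c, x, y):
    c["mul"] += 1
    return x * y % P

def finv(c, x):
    c["inv"] += 1             # one inversion costs tens of multiplications in practice
    return pow(x, P - 2, P)

def ec_add(c, p1, p2):
    """Affine point addition or doubling; None is the point at infinity."""
    if p1 is None or p2 is None:
        return p2 if p1 is None else p1
    (x1, y1), (x2, y2) = p1, p2
    if x1 == x2:
        if (y1 + y2) % P == 0:
            return None                                                     # Q + (-Q)
        lam = fmul(c, (3 * fmul(c, x1, x1) + A) % P, finv(c, 2 * y1 % P))  # double: 4M + 1I
    else:
        lam = fmul(c, (y2 - y1) % P, finv(c, (x2 - x1) % P))               # add: 3M + 1I
    x3 = (fmul(c, lam, lam) - x1 - x2) % P
    y3 = (fmul(c, lam, (x1 - x3) % P) - y1) % P
    return (x3, y3)

def ec_scalar_mult(c, k, point):
    """Left-to-right double-and-add: (bits-1) doublings plus (weight-1) additions."""
    acc = None
    for bit in bin(k)[2:]:
        acc = ec_add(c, acc, acc)
        if bit == "1":
            acc = ec_add(c, acc, point)
    return acc

def on_curve(pt):
    x, y = pt
    return (y * y - x**3 - A * x - B) % P == 0

def find_point(x=2):
    """Smallest x >= 2 with a square right-hand side; sqrt is rhs^((P+1)/4) as P % 4 == 3."""
    while True:
        rhs = (x**3 + A * x + B) % P
        y = pow(rhs, (P + 1) // 4, P)
        if y * y % P == rhs:
            return (x, y)
        x += 1

def modexp(c, base, exp, mod):
    """Left-to-right square-and-multiply: (bits-1) squarings plus (weight-1) multiplies."""
    acc = None
    for bit in bin(exp)[2:]:
        if acc is not None:
            acc = acc * acc % mod
            c["mul"] += 1
        if bit == "1":
            if acc is None:
                acc = base % mod
            else:
                acc = acc * base % mod
                c["mul"] += 1
    return acc

def compare():
    """Run the three operations on the constructed inputs and return the tallies."""
    g = find_point()
    ec, pub, priv = new_counter(), new_counter(), new_counter()
    ec_scalar_mult(ec, K, g)
    modexp(pub, BASE, E, M)
    modexp(priv, BASE, D, M)
    return {
        "ec160 scalar mult (mul, inv)": (ec["mul"], ec["inv"]),
        "rsa1024 public op, e=65537 (mul, inv)": (pub["mul"], pub["inv"]),
        "rsa1024 private op, full exponent (mul, inv)": (priv["mul"], priv["inv"]),
        "public key bytes (ec uncompressed point, rsa modulus)": (2 * 20, 1024 // 8),
    }

if __name__ == "__main__":
    for name, value in compare().items():
        print(f"{name:55s} {value}")
```

The tallies show why both sides could be right. The RSA public operation costs 17 modular multiplications because the public exponent is tiny, while the elliptic curve operation costs 159 doublings and roughly 80 additions, each needing a field inversion, so encrypting or verifying is indeed cheaper in RSA. Against the full-length private exponent, which costs about 1,500 multiplications on 1,024-bit numbers, the 160-bit curve arithmetic is far cheaper, and that is the signing and key-agreement case that matters on a smart card. The last row gives the key sizes, a 40-byte uncompressed point against a 128-byte modulus, that underlie the memory argument.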
