Certicom Corp., the Canadian data encryption company, held a coming-out party last week here in the heart of Silicon Valley.
The debutante-the ostensible reason for a presentation to the high-tech press and analyst community-was Security Builder, a tool kit for the data security technology based on an advanced mathematical technique known as elliptic curve.
But the reception was far more positive and celebratory than might normally be expected for a mere product introduction-particularly one by what is essentially a start-up company with just a handful of people based in the United States.
Certicom's elliptic curve cryptosystem, or ECC, has fueled the hopes of smart card enthusiasts and others looking for cheap and efficient ways to secure and authenticate electronic transactions. In academic papers and increasingly in test settings, ECC is delivering on its promise to provide the kind of security normally associated with high-level programs from the standard-setter in the field, RSA Data Security Inc., but using much less computing power and memory capacity.
"ECC offers the most security per bit of any known public key system," Certicom founder and chief cryptographer Scott A. Vanstone said in an echo of what has become Certicom's basic sales claim.
This makes the technology especially useful in what is known in the trade as "small-footprint environments" such as smart cards or wireless communications devices, where space is at a premium. What an RSA or Data Encryption Standard key-the string of computer bits necessary to encode or decode an ecrypted message-accomplishes with 1,024 bits, ECC can do in 160.
The difference is rooted in mathematics. The standard cryptographic systems that evolved over the last two decades rely on integer, or whole- number, calculations in the exchange of public and private keys between sender and receiver. The elliptic curve cryptosystem works and is applied the same way, but is based on a 150-year-old school of mathematics based on equations that can be calculated more easily and faster.
As credit card bankers and their merchant customers have learned in their work on the MasterCard-Visa Secure Electronic Transactions (SET) protocol for Internet payments, the number-crunching associated with industrial-strength encryption can make these transactions painfully slow.
Meanwhile, the electronic commerce industry is developing ways to use smart cards as security tokens. These have the advantage of being portable- cardholders could conduct secure transactions at any device with a card reader-but there is still the question of speed.
Mr. Vanstone recalled hearing a presentation in 1985, the dawn of the elliptic curve cryptography era, by one of its pioneers, International Business Machines Corp. researcher Victor Miller: "When I heard Miller I thought if encryption were going to go on a smart card, this was the way."
The ECC alternative seems so compelling that even RSA Data Security in Redwood City, Calif., just a few miles away from Certicom's recently opened U.S. office in San Mateo, is expected to offer its own implementation of the technology.
Steve Mott, the senior vice president who oversees MasterCard International's SET activities, has expressed hope that the next version of SET be "algorithm independent"-so it can be implemented via either an RSA or ECC method. "ECC may become the dominant implementation," he said, citing the apparent economics.
"The overall goal is to reduce the perceived importance of security-to make it less intrusive," said Philip C. Deck, Certicom's president and chief executive officer.
Uncertainties surrounding SET-its first version is not yet complete, let alone the second that Mr. Mott was looking ahead to-threaten to create what Mr. Deck called "SET paralysis" among bankers. And while they wait for clearer direction on when and how to proceed, the personal-computer industry is moving ahead with the introduction of smart card readers.
"We have to get people onto cheaper smart cards with high security, and that's where we (Certicom) can make a contribution," Mr. Deck said in an interview during the Santa Clara presentation. "Our push is into the wireless and smart card areas, which is where the security that is now in PCs is going to migrate."
Mr. Deck trotted out an impressive array of allies and licensees working with Certicom.
David Barnes, product marketing manager at Verifone Inc., told of how his company is building ECC into its Personal ATM hand-held smart card reader and associated Verismart technology for on-line banking and commerce.
Representing the wireless communications market, Motorola Inc. product manager Tres Wiley said, "Security must be invisible and not degrade system performance. Smaller keys will be more and more critical. And in wireless, anything we can do to save battery life is important. Demand for security will go nothing but up."
Bob Gargus, president and general manager of Tandem Computers Inc.'s Atalla division, which specializes in secure on-line transaction systems, said ECC can be an answer to "processing-intensive and obtrusive" security measures. A SET transaction requires so many operations, Mr. Gargus said, that a Pentium computer at a speed of 90 megahertz can handle just one transaction a second-not acceptable for merchants that hope to do a volume business on the Internet.
He predicted "economical, hardware-based solutions in the next 90 to 120 days" for the SET computer-intensity problem, and an ECC implementation of SET by early next year.
Francois Lasnier, a development engineer in San Jose, Calif., for the French smart card manufacturer Schlumberger, showed the results of a joint effort to prove ECC's worth on a chip card.
Instead of an expensive chip enhanced with a cryptoprocessor, an 8-bit Motorola chip (68SC28) was used for a digital signature demonstration.
At a "slow" 3.5 megahertz it generated a signature in less than 600 milliseconds, comparable in speed to a 708-bit RSA key operating on a cryptoprocessor at 20 megahertz.
Mr. Deck said other licensees include Commerce Direct International, GlobalKey Inc., and Sterling Commerce in electronic data interchange applications. He added that Certicom is in "discussions with a great number of companies."
Certicom, based in Mississauga, Ontario, has 53 employees. Founded as Mobius Encryption Technologies in 1985, it changed its name and went public in 1995. Its over-the-counter stock now trades at more than 10 times the $3 issue price.
Annual revenues are running at about $2 million, mostly from non-ECC products such as a fax encryptor. With ECC revenues starting to kick in, Mr. Deck is projecting revenues of $10 million next year.
Mr. Deck said Certicom needed strong market capitalization ($200 million U.S.) to gain credibility with potential customers.
These will generally be companies like Atalla and Schlumberger that incorporate the technology in products they sell to banks and others.
Innovations in cryptography also take time to gain acceptance because they must be subjected to trials and to deliberations by standards bodies, which for ECC are well advanced. Terisa Systems Inc. of the United States, one of the technology providers in the SET project, is one of those "kicking the tires," having licensed the elliptic curve tool kit earlier this year.
Mr. Deck said the beta-test version of the Security Builder tool kit, called Certicom Elliptic Curve Engine, went to 50 companies last year. "The feedback was that it was very fast. But today's product is 4.5 times faster," the CEO said.