Challenge On February 16, 2005 the National Security Agency (NSA) presented its strategy and recommendations for securing U.S. Government sensitive and unclassified communications. The strategy included a recommended set of advanced cryptography algorithms known as Suite B. The protocols included in Suite B are Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Menezes-Qu-Vanstone (ECMQV) for key transport and agreement; the Elliptic Curve Digital Signature Algorithm (ECDSA) for digital signatures; the Advanced Encryption Standard (AES) for symmetric encryption; and the Secure Hashing Algorithm (SHA). In order to properly meet the Suite B standards, vendors must have a firm grasp on ECC-based algorithms or work with a security partner who does. They must also decide on the best way to implement these algorithms into their existing solutions, as well as plan for those in the future.
Solution Ultimately, selling successfully into the government comes down to compliance: compliance with standards for security; compliance with expectations of performance. Understanding the development choices available within the requirements is essential; applying them efficiently is the key to a competitive advantage. Working with Certicom as a security partner, vendors can quickly and easily build mission-critical national security applications into their products by using Security Builder® NSE™ . This toolkit enables organizations to build applications that meet the field-of-use guidelines set out by the NSA. The Security Builder NSE toolkit covers the technology that was part of the 26 patents licensed by the NSA plus optimized implementations that enable developers to meet both the NSA field-of-use guidelines and FIPS 140-2 validation requirements. By using the toolkit, vendors can look forward to proven implementations, faster NSA approvals and faster FIPS 140-2 validations. This means vendors not only meet Suite B and FIPS government requirements, but they do so quickly, ensuring themselves a competitive advantage. Suite B algorithms can also be implemented in hardware using the Certicom Hardware IP Cores for Suite B. These cores are designed to service higher-level security operations such as authentication, key agreement, and digital signatures. The same level of government-approved security found in our software-based security implementations has been extended into each hardware core. Many of these products can be found within the Certicom® Suite B Power Bundles™, which combine a wide range of high-performance hardware and software products into a comprehensive solution that can make your entire infrastructure completely Suite B compliant. Choose the bundle that is suited for your requirements. Suite B is not just for government use, however. As with other technologies in the past, the U.S. Goverment has led the way in what it considers adequate for secure communications. Many corporations have sensitive intellectual property online and/or electronically process sensitive information. Suite B algorithms are also appropriate in these types of situations. Value Generally speaking, Certicom believes, what appealed to the NSA about ECC was its strong security, efficiency and scalability over conventional public-key cryptography algorithms. These benefits of ECC were very important to the NSA as it chooses its security for use over several decades in its crypto hardware. Likewise we feel that Suite B requirements will be significant for some time to come.
|
