Code and Cipher, published quarterly by Certicom Corp., is an educational newsletter that covers the security and cryptography industry. In each issue we will examine security issues and cryptography trends in an objective manner. We welcome your thoughts, opinions and comments on anything that affects the industry. Please send your feedback on this issue and what you’d like to see in upcoming ones to: codeandcipher@certicom.com.
Using ECC-based signatures with digital certificates provides added size and performance advantages. This article provides an overview of what certificates are and examines how digital certificates are used in applications—applications that have wider adoption possibilities beyond the markets outlined here.
Implicit certificates, known in the cryptographic community but not widely used, are smaller and faster than those in common use. Implicit or “bullet certificates” can enable a low-resource trust model for resource-constrained settings, ad-hoc networks and applications requiring printed certificates.
Traditional CAs with non-ECC public keys can still be used to distribute ECC public keys. The technology that permits this is the hybrid certificate. A hybrid certificate is a certificate which binds an ECC public key to a communicating party, but which is itself signed using non-ECC signature algorithms, and the CA's private key.
Dr. Scott Vanstone discusses the practical side of public-key authentication.
This issue of Code and Cipher examines different types of certificates, their uses and benefits.
