|
Innovation in cryptography to drive new security protocols in chip manufacture
Comodo leads key industry cryptography conference to establish new processes for security in smart cards and credit cards worldwide
21st September 2005, New York. Comodo Inc., a global leader in Identity and Trust Assurance Management solutions announced today top line findings from the seventh annual CHES (Cryptographic Hardware and Embedded Systems) Conference in Edinburgh, Scotland. (See www.chesworkshop.org for details.) Comodo's Head of Cryptography, Dr. Colin Walter from Comodo's Digital Trust Lab was general chair for this year security conference under the umbrella of the International Association for Cryptographic Research, the IACR (www.iacr.org).
Conference Background
The conference was well attended by a mix of leading researchers from both academia and industry - representing prestigious companies and organizations such as IBM, Intel, Infineon, Siemens, Toshiba, Hitachi, Philips, NEC and Atmel. Delegates from key cryptography departments, such as Cambridge, Bristol, Louvain-la-Neuve and Leuven Universities, were also present.
With well over 200 delegates, CHES is probably the largest and most important forum for discussing the security and implementation aspects of the chips in credit and debit cards to ensure identity integrity. Three guest speakers gave a broader view of those topics within a secure and trusted global communication network. Thomas Wille from Philips Semiconductors talked about "Security of Identification Products: How to Manage", Ross Anderson from Cambridge University Computer Laboratory spoke on "What Identity Systems Can and Cannot Do" and Jim Ward from IBM, and president of the Trusted Computing Group, presented "Trusted Computing in Embedded Systems".
Summary of Conference Discussion
Overall, the main theme of the invited talks and surrounding discussion was how to balance freedom of information required for commerce with the equally demanding identity security needs of individuals and corporations.
So, for example, some challenging questions included whether "Douglas A MacKenzie" who bought a house twenty years ago is the same as the "Angus MacKenzie" that now wishes to sell the house? Will the same rules apply when this is applied to withdrawals from a bank account? Will economic or political pressures for secure solutions result in denial of personal rights?
These issues point to important new opportunities in protecting personal information as they "intersect" in the "open" commerce infrastructure.
Summary of Conference Conclusions
Exacerbating this challenging balancing act is the added reality that threats can come in ways and technologies not expected. For example, cloning of cards can be done using side channel attacks, which use variation in time, power or electro-magnetic radiation to determine the hidden secrets. When used internally, each bit of a secret key generates different EMR according to whether its value is 0 or 1. By interpreting these data correctly, fraudsters can obtain access to confidential information.
Some key conclusions and countermeasures were identified and included:
* Investigation of new, potential side channel attacks, both against specific implementations and involving new concepts - so as to have remedial action in place.
* Developing new algorithms to hide secret key bits to prevent the cloning of cards
There was acknowledgement that the challenge remains to develop further protocols for more effective hiding of the secret keys to mitigate the vulnerability of cards to attack.
About Comodo
Comodo is a leading global provider of security, authentication and assurance services for the Internet. Today, more than 150,000 customers in over 100 countries rely on Comodo to create trust in online transactions through distinct solutions that address the digital ecommerce and infrastructure needs of enterprises. Powered by Comodo's Digital Trust Lab (DTL), Comodo is helping enterprises around the world improve customer relationships, enhance customer trust and create efficiencies across their digital ecommerce operations. Comodo's industry leading solutions include integrated web hosting management solutions, infrastructure services, digital ecommerce services, digital certification, identity assurance, customer privacy and vulnerability management solutions. For more information, visit Comodo - Creating Trust Online™ - www.comodo.com.
Comodo can be reached on (US) +1 800 772 5185 (Europe) +44 (0) 161 874 7070
About Dr. Colin Walter
Dr. Walter has made substantial progress in the discovery of implementation weaknesses of side channel attacks during his time at Comodo, and pioneered a number of solutions of which the Mist algorithm is a notable example, (randomizing the key processing for stronger security). Much of this work at the Comodo Digital Trust Research Laboratory has now been made public, and can be downloaded from http://www.comodogroup.com/research/crypto/publications.html
|
Company: Comodo
| Related press releases |
Innovation in cryptography to drive new security protocols in chip manufacture [2005-09-20 00:00:00]
Comodo leads key industry cryptography conference to establish new processes for security in smart cards and credit cards worldwide
21st September 2005, New York. Comodo Inc., a global leader in Id...
|
|
SSLGenie offers the highest level of security, provides confidentiality, message... [2007-10-28 19:22:49]
SSLGenie provides privacy and reliability between two communicating applications on the Internet. SSLGenie is an application of cryptography, the discipline of changing information into a form that is...
|
|
Comodo to support the CHES international cryptographic conference [2004-03-29 00:00:00]
Bradford, UK, 26 March 2003. Comodo, the internet security specialists, is today announcing its continued support and sponsorship of the CHES (Cryptographic Hardware & Embedded Systems) conference, wi...
|
|
Comodo Cryptography Expert to Present Latest Smart Card Research at Workshop on ... [2007-08-20 23:01:54]
Comodo Cryptography Expert to Present Latest Smart Card Research at Workshop on Information Security Applications WISA 2007 Conference
Dr Colin Walter's talk will reveal how widely accepted and theor...
|
|
Aspose.Net Preview [2005-09-04 00:00:00]
Aspose.Net is a set of established networks protocols implementation on .net platform, which includes and will include Smtp, Mime, Dns, Icmp, Ftp, and so on.
Complement of System.Net from Microsoft,...
|
|
Network Protocols Handbook - Third Edition Published [2006-03-03 00:00:00]
Javvin Technologies Inc has just published the third edition of the "Network Protocols Handbook". The book is designed as a reference to help IT and networking professionals and students to master the...
|
|
Industrial Manufacture Production Manager and Stock Control software [2005-01-10 00:00:00]
Industrial Manufacture Production Manager and Stock Control software was created, based on real time experience on the production field.
This software will let you control any production, stock, orde...
|
|
Secure File Transfer Client Goes Beyond Traditional FTP [2005-12-15 00:00:00]
(New York, USA) - One of the earliest file transfer protocols developed for the Internet - ftp - is still one of the simplest, most convenient and fastest methods of exchanging files between clients a...
|
|
RSA Factoring Challenges Broken - NO WINNER for the $100,000 Whitenoise Security... [2008-04-17 17:34:12]
For years and years and years and years the pre-eminent security company RSA has been running contests and challenges to factor RSA public encryption keys. Each RSA challenge key has been broken. The ...
|
|
Comodo Cryptography expert to speak at IEEE Symposium on Computer Arithmetic [2005-05-31 00:00:00]
Partial information leakage poses major threat for SmartCard manufacturers
New Jersey 31st May 2005 Comodo, the leading global provider of Risk Alignment™ Services announce that Dr Colin Walter will...
|
|
|
|
| Lizard Safeguard PDF Security |
 PDF document security software with DRM controls. Control who can view PDF documents & how they are used. Prevent copying, sharing, modifying, screen grabbing. Control the number of views and prints & when documents expire. No useless passwords. |
|
| Abee MP3 Duplicates Finder |
 The purpose of this program is to find all mp3(ogg,wma) duplicates on your computer and remove useless
files from your hard drive. As this program performs just this single task it copes with it much
better than other more universal programs. |
|
| Titan Backup |
 The ultimate backup solution - Secure, Automated, Easy-to-use backups of your important files and documents, emails and rules, registry, settings.Features 256-bit AES encryption to ensure full security of your confidential data. |
|
| Deer Drive |
 Bring all the ammo you can get your hands on, because open season just arrived - big time! Deer Drive is an arcade-style 3D deer hunting game. How fast is your aim? It's just pure shooting action, as herds of deer are driven into your sights! |
|
| MyPendrive |
 MyPendrive enables extended autorun functions for USB drives, like starting portable apps directly at drive connection. Version 2.0 offers enhanced backup functions and allows you to easily customize the drive label, icon and autostart menus. |
|
| PowerZip |
 PowerZip makes zipping / unzipping quick & simple while providing advanced compression & security features:
- Easy to use Wizards
- Strong encryption (256-bit AES)
- Supports 12 types of archives
- Create PowerZip Macro files to automate backup |
|
| NoClone Home - Find Duplicate Files, Emails |
 NoClone - Find and Delete TRUE duplicate files by byte-to-byte comparison. Smart Marker helps to clean up hard drive. |
|
|
Latest press releases
