|
Innovation in cryptography to drive new security protocols in chip manufacture
Comodo leads key industry cryptography conference to establish new processes for security in smart cards and credit cards worldwide
21st September 2005, New York. Comodo Inc., a global leader in Identity and Trust Assurance Management solutions announced today top line findings from the seventh annual CHES (Cryptographic Hardware and Embedded Systems) Conference in Edinburgh, Scotland. (See www.chesworkshop.org for details.) Comodo's Head of Cryptography, Dr. Colin Walter from Comodo's Digital Trust Lab was general chair for this year security conference under the umbrella of the International Association for Cryptographic Research, the IACR (www.iacr.org).
Conference Background
The conference was well attended by a mix of leading researchers from both academia and industry - representing prestigious companies and organizations such as IBM, Intel, Infineon, Siemens, Toshiba, Hitachi, Philips, NEC and Atmel. Delegates from key cryptography departments, such as Cambridge, Bristol, Louvain-la-Neuve and Leuven Universities, were also present.
With well over 200 delegates, CHES is probably the largest and most important forum for discussing the security and implementation aspects of the chips in credit and debit cards to ensure identity integrity. Three guest speakers gave a broader view of those topics within a secure and trusted global communication network. Thomas Wille from Philips Semiconductors talked about "Security of Identification Products: How to Manage", Ross Anderson from Cambridge University Computer Laboratory spoke on "What Identity Systems Can and Cannot Do" and Jim Ward from IBM, and president of the Trusted Computing Group, presented "Trusted Computing in Embedded Systems".
Summary of Conference Discussion
Overall, the main theme of the invited talks and surrounding discussion was how to balance freedom of information required for commerce with the equally demanding identity security needs of individuals and corporations.
So, for example, some challenging questions included whether "Douglas A MacKenzie" who bought a house twenty years ago is the same as the "Angus MacKenzie" that now wishes to sell the house? Will the same rules apply when this is applied to withdrawals from a bank account? Will economic or political pressures for secure solutions result in denial of personal rights?
These issues point to important new opportunities in protecting personal information as they "intersect" in the "open" commerce infrastructure.
Summary of Conference Conclusions
Exacerbating this challenging balancing act is the added reality that threats can come in ways and technologies not expected. For example, cloning of cards can be done using side channel attacks, which use variation in time, power or electro-magnetic radiation to determine the hidden secrets. When used internally, each bit of a secret key generates different EMR according to whether its value is 0 or 1. By interpreting these data correctly, fraudsters can obtain access to confidential information.
Some key conclusions and countermeasures were identified and included:
* Investigation of new, potential side channel attacks, both against specific implementations and involving new concepts - so as to have remedial action in place.
* Developing new algorithms to hide secret key bits to prevent the cloning of cards
There was acknowledgement that the challenge remains to develop further protocols for more effective hiding of the secret keys to mitigate the vulnerability of cards to attack.
About Comodo
Comodo is a leading global provider of security, authentication and assurance services for the Internet. Today, more than 150,000 customers in over 100 countries rely on Comodo to create trust in online transactions through distinct solutions that address the digital ecommerce and infrastructure needs of enterprises. Powered by Comodo's Digital Trust Lab (DTL), Comodo is helping enterprises around the world improve customer relationships, enhance customer trust and create efficiencies across their digital ecommerce operations. Comodo's industry leading solutions include integrated web hosting management solutions, infrastructure services, digital ecommerce services, digital certification, identity assurance, customer privacy and vulnerability management solutions. For more information, visit Comodo - Creating Trust OnlineĀ - www.comodo.com.
Comodo can be reached on (US) +1 800 772 5185 (Europe) +44 (0) 161 874 7070
About Dr. Colin Walter
Dr. Walter has made substantial progress in the discovery of implementation weaknesses of side channel attacks during his time at Comodo, and pioneered a number of solutions of which the Mist algorithm is a notable example, (randomizing the key processing for stronger security). Much of this work at the Comodo Digital Trust Research Laboratory has now been made public, and can be downloaded from http://www.comodogroup.com/research/crypto/publications.html
Company: Comodo
|
| Related press releases |
Innovation in cryptography to drive new security protocols in chip manufacture [2005-09-20 00:00:00]
Comodo leads key industry cryptography conference to establish new processes for security in smart cards and credit cards worldwide
21st September 2005, New York. Comodo Inc., a global leader in Id...
|
|
SSLGenie offers the highest level of security, provides confidentiality, message... [2007-10-28 19:22:49]
SSLGenie provides privacy and reliability between two communicating applications on the Internet. SSLGenie is an application of cryptography, the discipline of changing information into a form that is...
|
|
Comodo to support the CHES international cryptographic conference [2004-03-29 00:00:00]
Bradford, UK, 26 March 2003. Comodo, the internet security specialists, is today announcing its continued support and sponsorship of the CHES (Cryptographic Hardware & Embedded Systems) conference, wi...
|
|
Comodo Cryptography Expert to Present Latest Smart Card Research at Workshop on ... [2007-08-20 23:01:54]
Comodo Cryptography Expert to Present Latest Smart Card Research at Workshop on Information Security Applications WISA 2007 Conference
Dr Colin Walter's talk will reveal how widely accepted and theor...
|
|
Aspose.Net Preview [2005-09-04 00:00:00]
Aspose.Net is a set of established networks protocols implementation on .net platform, which includes and will include Smtp, Mime, Dns, Icmp, Ftp, and so on.
Complement of System.Net from Microsoft,...
|
|
Comodo Cryptography Expert To Deliver Speech At Workshop On Cryptographic Hardwa... [2008-08-06 09:04:15]
Dr Colin Walter's speech will focus on recovering secret keys from weak channel traces
Jersey City, NJ, August 06, 2008 - Comodo, a global leader in Identity and Trust Assurance Management solution...
|
|
Network Protocols Handbook - Third Edition Published [2006-03-03 00:00:00]
Javvin Technologies Inc has just published the third edition of the "Network Protocols Handbook". The book is designed as a reference to help IT and networking professionals and students to master the...
|
|
Industrial Manufacture Production Manager and Stock Control software [2005-01-10 00:00:00]
Industrial Manufacture Production Manager and Stock Control software was created, based on real time experience on the production field.
This software will let you control any production, stock, orde...
|
|
Secure File Transfer Client Goes Beyond Traditional FTP [2005-12-15 00:00:00]
(New York, USA) - One of the earliest file transfer protocols developed for the Internet - ftp - is still one of the simplest, most convenient and fastest methods of exchanging files between clients a...
|
|
RSA Factoring Challenges Broken - NO WINNER for the $100,000 Whitenoise Security... [2008-04-17 17:34:12]
For years and years and years and years the pre-eminent security company RSA has been running contests and challenges to factor RSA public encryption keys. Each RSA challenge key has been broken. The ...
|
|
|
|
| Content Filter Web Proxy SafeSquid |
 Internet Proxy Server with antivirus and Web Filter for Internet security, Cache, IP based Access Control, Authentication, Block - website access with URL blacklist and keywords; Block music, videos, flash, java applets, messengers, cookies, activex |
|
| Abee MP3 Duplicates Finder |
 The purpose of this program is to find all mp3(ogg,wma) duplicates on your computer and remove useless
files from your hard drive. As this program performs just this single task it copes with it much
better than other more universal programs. |
|
| PowerZip |
 PowerZip makes zipping / unzipping quick & simple while providing advanced compression & security features:
- Easy to use Wizards
- Strong encryption (256-bit AES)
- Supports 12 types of archives
- Create PowerZip Macro files to automate backup |
|
| Space Hound 4 |
 Sniff out wasted space with The Best Duplicate File Finder available. Space Hound 4 eliminates duplicate and unused files that are cluttering up your hard drive and causing problems. Uncludes File & Directory Management, Zip & Unzip, file Viewers. |
|
| SafeSquid Personal |
 Internet Proxy Server with antivirus and Web Filter for Internet security, Cache, IP based Access Control, Authentication, Block - website access with URL blacklist and keywords; Block music, videos, flash, java applets, messengers, cookies, activex |
|
| LSN Password Safe |
 High security password manager + AntiKeyLogger + virtual keyboard + CAPTCHA. Easy to use and free. You can create as many fields per entry as you need. File protection and data theft prevention. Portable version. |
|
| AnVir Security Suite |
 Monitor processes, services, connections, CPU, disk, memory. Remove spyware. Speed up boot time and performance. Complement antivirus software. Descriptions for 70 000 startup programs and services, alerts on new startups. Security analysis |
|
|
Latest press releases
