Certicom offers alternative to RSA
Certicom gives users the option of using its elliptic curve cryptography rather than the more common RSA code.
Today the company announced that it create two encryption plug-ins to the Microsoft (MSFT) CryptoAPI security framework. Elliptic curve cryptography is based on a different mathematical algorithm from RSA encryption, which is by far the market leader in cryptography. Elliptic curve crypto requires less computing power to create, encrypt, and decrypt communications, according to Certicom.
"CryptoAPI will become one of the pivotal architectures in electronic commerce and securing desktop applications," said Philip Deck, Certicom chief executive. "Elliptic curve cryptography and Certicom are really becoming part of the infrastructure."
CryptoAPI allows different vendors to plug in modules for cryptographic functions in Windows applications. That lets software application developers choose different modules and change them as new technologies emerge. Making changes is more difficult if the cryptography is written into the application itself.
Microsoft's Edmund Muth said more than 14 companies, including Microsoft, have created plug-ins for CryptoAPI. Others include Atalla, Hewlett-Packard Trusted Information Systems, and Cylink.
Certicom will do two separate plug-ins for creating digital signatures, which verify the identity of a sender and assure that a communication has not been tampered with.
Certicom, formed five years ago, only has been marketing its cryptography since March, but it's been aggressively marketing its products. Certicom also is developing a crypto chip for wireless with Motorola, which recently took a 5 percent stake in Certicom.
Elliptic curve cryptography is likely to be added to version 2.0 of the Secure Electronic Transactions protocol, created by MasterCard and Visa for secure payment card transactions over the Internet.
Certicom is considering similar plug-ins for security architectures from Intel and Netscape Communications.