Presentation is loading. Please wait.

Presentation is loading. Please wait.

Advances in Card Solutions 7 th Annual CACR April 25, 2001 7 th Annual CACR April 25, 2001.

Published byAlexia Carter Modified over 9 years ago

Similar presentations

Presentation on theme: "Advances in Card Solutions 7 th Annual CACR April 25, 2001 7 th Annual CACR April 25, 2001."— Presentation transcript:

1

2 Advances in Card Solutions 7 th Annual CACR April 25, 2001 7 th Annual CACR April 25, 2001

3 Certicom Overview  Founded in 1985, 340 employees - Offices in Toronto, San Francisco, Dulles, and London - Listed on both Toronto Stock Exchange & the NASDAQ  Strong patent portfolio in wireless/mobile security  Sponsors cryptographic research at University of Waterloo and Stanford University  Has over 150 licensees  Founded in 1985, 340 employees - Offices in Toronto, San Francisco, Dulles, and London - Listed on both Toronto Stock Exchange & the NASDAQ  Strong patent portfolio in wireless/mobile security  Sponsors cryptographic research at University of Waterloo and Stanford University  Has over 150 licensees

4 Security for the Next 20 Years  Encryption Underlies all Internet Security  Existing Encryption Technology is 20 Years Old  Certicom Owns the Next Generation Encryption Technology - Elliptic Curve Cryptography (ECC)  Designed for Mobile, Wireless Smart Card Environments  Security for the Next 20 Years  Encryption Underlies all Internet Security  Existing Encryption Technology is 20 Years Old  Certicom Owns the Next Generation Encryption Technology - Elliptic Curve Cryptography (ECC)  Designed for Mobile, Wireless Smart Card Environments  Security for the Next 20 Years

5 Industry Leading Customers

6

7 Agenda  PKI, Cards, Wireless – Where are we?  Common challenges  Security Solutions – how can Crypto help?  Success stories to watch…  Concluding Remarks  PKI, Cards, Wireless – Where are we?  Common challenges  Security Solutions – how can Crypto help?  Success stories to watch…  Concluding Remarks

8 Classic Hype Cycle Visibility Technology Trigger Peak of Inflated Expectations Trough of Disillusionment Slope of Enlightenment Plateau of Productivity Time

9 PKI Hype Cycle Source: Gartner Group Visibility Technology Trigger Peak of Inflated Expectations Trough of Disillusionment Slope of Enlightenment Plateau of Productivity Time Public Key Encryption Developed PGP Introduced 1994 RSA Conference Verisign formed Verisign IPO Entrust IPO 1999 RSA Conference Scotia Bank Deploys B2C PKI American Express Releases Blue Identrus Formed Verisign Acquires NSI Entrust Merges with EnCommerce Visa Announces 3-D SSL E-Sign Laws Signed PKI Disappears Into Application PC Makers add SmartCard Readers Industry Policy Authorities Form We are here

10 Smart Card Hype Cycle 1996 Olympics (Visa Cash) 1995 Mondex Swindon, England EMV New York Joint Trials American Express Launches Blue Visa Launches eVisa Are we here? Smart Card Disappears into card, device, etc PC Makers add SmartCard Readers Industry Policy Authorities Form Visibility Technology Trigger Peak of Inflated Expectations Trough of Disillusionment Slope of Enlightenment Plateau of Productivity Time

11 Wireless Hype Cycle Are we here? WAP SMS WTLS Location-based Services Visibility Technology Trigger Peak of Inflated Expectations Trough of Disillusionment Slope of Enlightenment Plateau of Productivity Time

12 Coming Together Visibility Time PKI Cycle Smart CardWireless eCommerce We must be here My “Optimist’s” view!

13 Information Security Threats Fraud  Problem - Impersonation or identity theft - Credit card fraud  Impact - Massive financial loss - Merchants absorb most of the losses - Slows adoption of e-Commerce  Problem - Impersonation or identity theft - Credit card fraud  Impact - Massive financial loss - Merchants absorb most of the losses - Slows adoption of e-Commerce

14 Credit Card Fraud  Meridien Research predicts that by 2001, online credit card fraud could cost merchants $9 billion a year, and that by 2003 the cost could reach $15 billion

15 Challenges  Wireless is bandwidth constrained - Pay per byte transmitted over networks - Latency of messaging - Proximity card performance  Battery life  Resource limitations - Smart card processors fit within 25 sq mm - PDA, pager, cell handsets  Devices may look different, but It’s the same problem  Wireless is bandwidth constrained - Pay per byte transmitted over networks - Latency of messaging - Proximity card performance  Battery life  Resource limitations - Smart card processors fit within 25 sq mm - PDA, pager, cell handsets  Devices may look different, but It’s the same problem

16 ECC – A Part of any Solution ECC Key Size (Bits) ECC Key Size (Bits) RSA Key Size (Bits) RSA Key Size (Bits) Key Size Ratio 1631,0241 : 6 2833,0721 : 11 4097,6801 : 19 57115,3601 : 27 1631,0241 : 6 2833,0721 : 11 4097,6801 : 19 57115,3601 : 27

17 Traditional Technology  Digitally Signed Transaction on a Palm VII Using Traditional Encryption Technology Not Viable!

18 Certicom Technology  Digitally Signed Transaction on a Palm VII Using Certicom Technology Instantaneous Trust!

19 Solutions emerging  Proximity devices  Intelligent use of Public Key technology - Not just PKI - Combinations of PK, PKI and trust models  Solutions for business needs  Proximity devices  Intelligent use of Public Key technology - Not just PKI - Combinations of PK, PKI and trust models  Solutions for business needs

20 Incentives for end customers  Sex appeal factor  Hide security from consumers  Assure privacy, integrity of transactions  For Financials - Make it smooth for the merchants - Avoid discount rate discussions ;-)  Sex appeal factor  Hide security from consumers  Assure privacy, integrity of transactions  For Financials - Make it smooth for the merchants - Avoid discount rate discussions ;-)

21 Example successes  Proximity in North America - WMATA - Mobil Speed Pass  Large card rollouts - American Express Blue - eVisa - MasterCard announcement with Keycorp  Key differences… - Proximity solutions seem to gain user acceptance!  Proximity in North America - WMATA - Mobil Speed Pass  Large card rollouts - American Express Blue - eVisa - MasterCard announcement with Keycorp  Key differences… - Proximity solutions seem to gain user acceptance!

22 Proximity solutions  ECC enables secure solutions - Payment - Terminal communications  Total transaction time required - <150ms  ECDSA Sign Performance by Certicom - < 90 ms for a signature  Viable for demanding proximity protocol solutions  ECC enables secure solutions - Payment - Terminal communications  Total transaction time required - <150ms  ECDSA Sign Performance by Certicom - < 90 ms for a signature  Viable for demanding proximity protocol solutions

23 On Card Key Generation  Private key is “perfect secret” - A random number  Public key is computed by multiplying private key with the “generator point” - Same complexity as signature generation  No risk of primality testing  Total process typically less than 2 seconds  Enables keys as demanded by business process, user generated - Avoids key injection requirements at mfg time  Private key is “perfect secret” - A random number  Public key is computed by multiplying private key with the “generator point” - Same complexity as signature generation  No risk of primality testing  Total process typically less than 2 seconds  Enables keys as demanded by business process, user generated - Avoids key injection requirements at mfg time

24 PK Solutions to Match  Digital Signature Authentication Solutions  Just in time security - On card key generation for business app use - TrustPoint PKI Portal registration of keys - MobileTrust CA services  Small certificates by design - CA supports business process - NOT business process driven by CA  Digital Signature Authentication Solutions  Just in time security - On card key generation for business app use - TrustPoint PKI Portal registration of keys - MobileTrust CA services  Small certificates by design - CA supports business process - NOT business process driven by CA

25 System Architecture Secure Client Application Secure Client Application Secure Server Application Secure Server Application PKI Client Protocols Client Certificate Crypto PKI Tools Server Certificate Protocols Crypto Certificate Authority (CA)Registration Authority (RA) Public-key Infrastructure Wireless Device Application Server

26 TrustPoint PKI Portal

27 Conclusions  ECC solutions provide the Right solution for todays security needs  Proximity solutions need high security – ECC meets the challenge - On card key generation - <150ms total transaction times  Emerging business applications need Public Key Technology  ECC solutions provide the Right solution for todays security needs  Proximity solutions need high security – ECC meets the challenge - On card key generation - <150ms total transaction times  Emerging business applications need Public Key Technology

Download ppt "Advances in Card Solutions 7 th Annual CACR April 25, 2001 7 th Annual CACR April 25, 2001."

Similar presentations

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.

Chapter 10 Encryption: A Matter of Trust. Awad –Electronic Commerce 1/e © 2002 Prentice Hall 2 OBJECTIVES What is Encryption? Basic Cryptographic Algorithm.
Public Key Infrastructure and Applications

Public Key Infrastructure and Applications
Wireless PKI Shakeel Ahamad Shaik (Research Fellow) Under the supervision of Dr.V.N.Sastry, Associate Professor (IDRBT) & Dr.S.K.Udgata, Reader (UOH) Saturday,

Wireless PKI Shakeel Ahamad Shaik (Research Fellow) Under the supervision of Dr.V.N.Sastry, Associate Professor (IDRBT) & Dr.S.K.Udgata, Reader (UOH) Saturday,
E-Commerce Payment Systems

E-Commerce Payment Systems
SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.

SPD1 Improving Security and Access to Network with Smart Badge Eril Pasaribu CISA,CISSP Security Consultant.
Grid Computing, B. Wilkinson, 20045a.1 Security Continued.

Grid Computing, B. Wilkinson, 20045a.1 Security Continued.
1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.

1 Lecture 17: SSL/TLS history, architecture basic handshake session initiation/resumption key computation negotiating cipher suites application: SET.
CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.

CS470, A.SelcukSSL/TLS & SET1 CS 470 Introduction to Applied Cryptography Instructor: Ali Aydin Selcuk.
SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.

SSL : An Overview Bruhadeshwar Bezawada International Institute of Information Technology, Hyderabad.
Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.

Topic 8: Secure communication in mobile devices. Choice of secure communication protocols, leveraging SSL for remote authentication and using HTTPS for.
SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.

SECURITY IN E-COMMERCE VARNA FREE UNIVERSITY Prof. Teodora Bakardjieva.
1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:

1 Pertemuan 12 Authentication, Encryption, Digital Payments, and Digital Money Matakuliah: M0284/Teknologi & Infrastruktur E-Business Tahun: 2005 Versi:
Certicom MobileTrust™: PKI for Mobile and Wireless Systems John Kennedy Director of PKI Product Marketing April, 2000.

Certicom MobileTrust™: PKI for Mobile and Wireless Systems John Kennedy Director of PKI Product Marketing April, 2000.
WAP Public Key Infrastructure CSCI 5939.02 – Independent Study Fall 2002 Jaleel Syed Presentation No 5.

WAP Public Key Infrastructure CSCI – Independent Study Fall 2002 Jaleel Syed Presentation No 5.
Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer

Sentry: A Scalable Solution Margie Cashwell Senior Sales Engineer Sept 2000 Margie Cashwell Senior Sales Engineer
A Survey of WAP Security Architecture Neil Daswani

A Survey of WAP Security Architecture Neil Daswani
Implementation of LSI for Privacy Enhancing Computation Kazue Sako, Sumio Morioka 2011.2.10

Implementation of LSI for Privacy Enhancing Computation Kazue Sako, Sumio Morioka
Principles of Information Security, 2nd edition1 Cryptography.

Principles of Information Security, 2nd edition1 Cryptography.
Mobile Security and Payment Nour El Kadri University Of Ottawa.

Mobile Security and Payment Nour El Kadri University Of Ottawa.
Electronic Transaction Security (E-Commerce)

Electronic Transaction Security (E-Commerce)

Similar presentations

Ads by Google