By Rachel Chalmers
The 8th annual RSA Data Security Conference – cryptography’s annual get-together and gabfest – opened on Monday January 18 in San Jose. Organizer RSA kicked off what is likely to be a deluge of announcements. The company has inked deals with Intel, Compaq and Verisign, and it is particularly tickled about a new family of products, called Keon and aimed squarely at rival Entrust. To begin with, Intel plans to build start security at the semiconductor level, by building hardware enhancements to RSA’s technology. RSA in turn will take advantage of those enhancements. Intel has also said it will distribute RSA’s B-SAFE software development kits (SDKs) bundled with its own, adding greatly to RSA’s potential market. Meanwhile Compaq has extended its license to RSA’s C language cryptography tools and has added crypto-J and PKI client libraries to its arsenal. Finally, Keon is the first real fruit of RSA’s merger two and a half years ago with Security Dynamics Inc (SDI). Users are given single sign-on to a certification store, located on a PC or smart card. The certification store holds a whole range of keys for different uses. Agents certify the authenticated user for third- party transactions. Keon is intended to provide all the tools developers need to drop encryption into their own applications without mess or fuss. Executives say that by combining RSA’s encryption with SDI’s strong authentication, the new product family plays to both companies’ strengths. Keon is built around Verisign’s OnSite Certificate Authority (CA) server, but can be used with any CA designed to be deployed as a module. Other components of the Keon system are a desktop product, security server, management console and agents. RSA also released a mystery message encoded with 56-bit DES encryption for its DES III Challenge. Electronic Frontier Foundation president John Gilmore, who was given a trophy to celebrate the EFF’s 56-hour victory in the last DES Challenge, said his organization’s latest effort was already under way. Internet challengers distributed.net have also fired up their network to tackle DES. RSA says it will give $10,000 to anyone who decrypts the message inside 24 hours, $5,000 inside 48 and $1,000 if the challenger beats EFF’s standing record. Still to come: Celo Communications will announce a suite comprising a web client, enterprise server. digital signature plug-ins, PKI manager and mail, all based on RSA’s BSAFE SSL-C; Trend Micro has licensed ValiCert’s Calidation Authority technology for use in its digital certificate systems; and Netscape Communications Corp has unveiled Netscape Directory for Secure E-Commerce, which includes a directory server and certificate management system. Eight years ago the RSA conference was a genteel gathering of mathematicians and NSA spooks. Today it packs out San Jose’s convention center, with an estimated 5,000 attendees and standing room only in the general sessions. Why the tremendous surge of interest in what was once an obscure branch of mathematics? As RSA president Jim Bidzos is fond of saying: Public key cryptography was a solution looking for a problem. Ecommerce is that problem.
