CURRENT THREAT SCENARIO
SSL is a proven way for two machines to establish and maintain secure communication. SSL prevents an eavesdropper from observing or capturing user information, data in transit, or encryption keys that let them masquerade as another user to steal information or corrupt a system. In spite of SSL's established status, it is not deployed everywhere by default. Business and technical teams make the decision on which parts of their solution will run with SSL. With SSL enabled solutions, rather than spending server CPU cycles on the functionality for the end user, CPU cycles are spent on cryptographic operations. Thus, organizations building embedded devices, software for real-time operating systems (RTOS), or mobile applications that implement SSL must choose between slower performance, greater battery drain, and higher costs of goods sold. Likewise, organizations that host websites or run SAAS operations must choose between slower performance and higher infrastructure costs as they evaluate implementing SSL. Yahoo and Amazon, for example, protect users' initial login and credit card information on purchases, but do not encrypt communication with users as they send mail or browse products. The impact of SSL performance is only growing as the National Institute of Standards and Technology (NIST) and others are recommending organizations increase the key size used with the RSA algorithm in most SSL implementations from 1024bits to 2048bits. This increase in key size will make SSL handshakes take five times as long. For organizations that do a lot of handshakes, this is a significant performance hit.
WHAT DOES THIS TECHNOLOGY DO?
CyaSSL is a very small, very fast, C-language-based SSL library purpose built for embedded devices that fully implement SSL 3, and TLS 1.0, 1.1, and 1.2, with SSL client libraries, an SSL server, API's, and an OpenSSL compatibility interface with support for RSA, DSA, and DH asymmetric cryptography. CyaSSL is built for maximum portability, and is very easy to compile on new platforms. The CyaSSL+NTRU solution adds an additional asymmetric algorithm, NTRU, to CyaSSL. NTRU is an alternative asymmetric algorithm to the more well known RSA and Elliptic Curve cryptography (ECC) asymmetric algorithms. It is based on a different mathematical hard problem, known as lattice reduction, which makes it much faster and resistant to quantum computers. The NTRU Encrypt algorithm had been standardized by IEEE Std 1363.1-200 and by the financial industry's ASCX9 as X9.98. Together with CyaSSl, the CyaSSL+NTRU solution is faster and smaller than the alternatives. For example, CyaSSL's optimized code runs standard RSA asymmetric cryptograpgy four times faster than OpenSSL, but CyaSSL+NTRU runs 20 to 200 times faster than OpenSSL RSA. In addition, NTRU's comparative performance increases with the level of security required. As key sizes increase by n, RSA's operations per second decease at n3 whereas NTRU's decrease at n2. CyaSSL is also up to 20 times smaller than OpenSSL. If one uses RSA with CyaSSL the key sizes are the same regardless of implementation. CyaSSL+NTRU also supports the industry standards up to the current TLS 1.2 level. The standardization of NTRU Sign is in process.
Unlike RSA and ECC, NTRU is an asymmetric cryptography algorithm that is resistant to quantum computers. A working, full-scale quantum computer running the process known as “Shor’s algorithm” would be able to break RSA or ECC of any practical size in negligible time. In contrast, NTRU’s security is reduced only slightly by quantum computers. This has been validated by external reviewers such as the NIST. In an April 2009 survey, Ray Perlner and David Cooper at NIST wrote: “Of the various lattice based cryptographic schemes that have been developed, the NTRU family of cryptographic algorithms appears to be the most practical … They are viable alternatives for both public key encryption and signatures that are not vulnerable to Shor’s Algorithm.” Researchers are making significant gains in quantum computing. It is advantageous to implement cryptography now that is quantum resistant.
CyaSSL+NTRU provides a very small, very fast SSL library for mobile computing with the additional benefit of support for a quantum computing resistant algorithm. Today, organizations implementing mobile applications must trade off security against performance when considering SSL. Organizations building mobile devices or SAAS infrastructures that integrate with mobile applications/devices must trade off performance against hardware cost and maintenance when evaluating SSL. By leveraging CyaSSL+NTRU, these tradeoffs are significantly minimized. The size and performance of the CyaSSL library alone takes us a big step toward small, fast SSL. Leveraging the NTRU algorithm with CyaSSL is a leap toward SSL for mobile computing without performance or component cost.
187 Ballardvale St. Suite A 195
Wilmington, MA 01887 USA