Interview with Dr. Nicko van Someren, CTO of nCipher
by Mirko Zorz - Thursday, 6 February 2003.
The payShield HSM meets the security needs of card-issuing banks, payment processors, merchants and e-payment providers implementing 3-D Secure and other standards, providing key management for symmetric and asymmetric keys within a single device, cryptographic acceleration, real-time authentication of customer transactions and APIs supporting customized encryption, decryption and signing functions.

Your products, nForce and nFast are both SSL accelerators that enhance Web server performance. What are their features?

nForce secure SSL accelerator provides enhanced server performance with powerful acceleration capabilities to expand server processing capacity, security infrastructure scalability through a modular architecture, advanced key management and improved manageability by allowing the establishment of responsibilities and authority to manage a multitude of digital keys across a network.

nFast 800 is a high-performance PCI card that removes the burden of the power-hungry software process that underlies the SSL protocol and is plug-and-play compatible with leading Web server packages and operating systems. nFast 800 provides the capacity for a single server to establish 800 new SSL connections per second.

Protegrity is one of your partners. What does your partnership consist of?

nCipher entered into a partnership with Protegrity in September of 2002. We are tightly integrating our nShield product line with their Secure.Data software to give customers a solution that addresses stringent government, industry and internal auditing standards for protecting the privacy of sensitive database information against internal and external threats. As part of this agreement, we entered into a joint marketing and strategic alliance partnership with Protegrity that includes ongoing collaborative development of secure database encryption solutions.

What is, in your opinion, the biggest challenge in protecting sensitive information at the enterprise level?

From a cryptography point of view, the cryptography in use now is good enough for the foreseeable future. It takes an amazing amount of effort to break ciphers now and with longer key lengths brute force attacks become exponentially more difficult. It really is as simple as doubling key length to keep ahead of the processing power and new brute force attacks that can be made on a key. With that said, enterprises and e-commerce providers do have the cryptography that can keep them secure for a very long time.

What does have to change in cryptography is how the crypto keys are managed and protected. While it is very hard to break a key, the real threat lies in key management and distribution of the keys. Grid computing cracking a key should not worry a CSO. A key left unprotected for a rogue employee to openly steal, should.

And more and more systems and services will be using cryptography, which will exacerbate the management problem. Web services are a perfect example of how the need for key management will be the real next gen need for cryptography. Being able to have keys be used across networks, quickly change with organizational changes, managing the life cycle of a key from birth to death. Those are the issues that will have to be dealt with and what our customers need. These other technologies, such as quantum and photonic encryption, are more science fiction then science fact right now and use of them in any practical way will not happen for many years.

What developments does nCipher envisage in 2003?


Harnessing artificial intelligence to build an army of virtual analysts

PatternEx, a startup that gathered a team of AI researcher from MIT CSAIL as well as security and distributed systems experts, is poised to shake up things in the user and entity behavior analytics market.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 4th