Application security company Security Innovation released its NTRU public key cryptography system to the open source community for free in a bid to address challenges facing popular public-key crypto systems today.
According to Security Innovation, NTRU is a lattice-based public key cryptosystem meant to serve as an alternative to RSA and Elliptic Curve Cryptography (ECC). Developed in 1996, NTRU compromises three algorithms: NTRUEncrypt, NTRUSign and PASSSign. It has been adopted n the IEEE and X9 standards, and at “comparable cryptographic strength”, performs costly private key operations much faster than RSA or ECC, according to the company. As key sizes increase by a factor of n, RSA’s operations decrease by about n3 compared to n2 for NTRU.
With the GNU Public License (GPL) open source license, NTRU can be deployed in open source products. A commercial license is available to incorporate it into a proprietary product.
“The open source licensing of the NTRU crypto system will make it easier for wide-spread adoption of our X9.98 standard, allowing Financial Services companies to protect their important financial transactions,” said executive director Cynthia Fuller of Accredited Standards Committee X9 Financial Industry Standards, in a statement.
According to Security Innovations, NTRU can enhance data security with its speed.
“Any application that requires fast performance (large amounts of data to be protected in a short amount of time) and/or high-levels of security for the next 10 years would benefit from the NTRU solution,” the company stated in a frequently asked questions section. “Furthermore, the small code size (small footprint) of the NTRU implementations make it suitable for even small embedded processors.”
“These applications include Payment Systems, secure messaging and email, mobile eCommerce, Healthcare, Near Field Communications (NFC), Vehicle Communications (V2V, V2I), Military/Aerospace, Web Browsers and Servers, Remote Backup Solutions, Voice over IP (VoIP), Online Presentations/Virtual Classrooms, Infrastructure (Railway switching, Traffic lights, etc), Utility meters and Cloud Provides/Datacenters,” the company continuned.
Open sourcing NTRU ensures that the implementation is solid and without the backdoors that we have learned about in proprietary implementations, Dr. William Whyte, chief scientist at Security Innovation and chair of the IEEE 1363 Working Group, said in a statement.
“We are fussy in the crypto world, and want to ensure that any adopted crypto is transparent and battle-tested,” he said. “NTRU has been successfully scrutinized by numerous government agencies and universities for over a decade.”
More from Brian Prince
- U.S. Healthcare Companies Hardest Hit by ‘Stegoloader’ Malware
- CryptoWall Ransomware Cost Victims More Than $18 Million Since April 2014: FBI
- New Adobe Flash Player Flaw Shares Similarities With Previous Vulnerability: Trend Micro
- Visibility Challenges Industrial Control System Security: Survey
- Adobe Flash Player Zero-Day Exploited in Attack Campaign
- Researchers Demonstrate Stealing Encryption Keys Via Radio
- Researchers Uncover Critical RubyGems Vulnerabilities
- NSA, GCHQ Linked to Efforts to Compromise Antivirus Vendors: Report
Latest News
- Google Temporarily Offering $180,000 for Full Chain Chrome Exploit
- Russia Blames US Intelligence for iOS Zero-Click Attacks
- Toyota Discloses New Data Breach Involving Vehicle, Customer Information
- Cisco Acquiring Armorblox for Predictive and Generative AI Technology
- Moxa Patches MXsecurity Vulnerabilities That Could Be Exploited in OT Attacks
- Amazon Settles Ring Customer Spying Complaint
- Organizations Warned of Salesforce ‘Ghost Sites’ Exposing Sensitive Information
- Adobe Inviting Researchers to Private Bug Bounty Program
