(Ping! Zine Web Tech Magazine) – Security Innovation, the authority in application and crypto security, announced today that its standards-based NTRU Crypto has been selected by Unseen. Unseen’s Software as a Service (SaaS) solutions deliver the safest communication channel for Internet-based communications and file sharing. The Unseen service offers an alternative to relatively insecure applications like email and Skype® with their integrated state-of-the-art web-, mobile-, and desktop applications to help people and organizations communicate without fear of malicious intent regardless of location.
Taking a privacy-first approach, Unseen is committed to complete end-to-end encryption for all communications. The company originally implemented RSA code but recognized the need for something faster and more secure. They selected NTRU after extensive testing against RSA and ECC. NTRU turned out to be the fastest – up to 200x faster than RSA and as the security level increased, NTRU’s performance over RSA and ECC became even more impressive. This high performance is especially important for mobile platforms, which are more resource constrained than personal computer platforms. Unseen is also developing a decentralized payment system that will utilize NTRU public private key technology.
On top of the performance advantages, Unseen recognized the additional benefit of a public-key crypto system that is completely tamper-resistant with no proven successful attacks. RSA’s well-documented slow performance and known attacks, coupled with its difficult implementation at high security levels, eliminated it from consideration. Moreover, allegations about the NSA having access to back doors into ECC and forcing users to implement NIST-supplied curves casts serious doubt on the viability of ECC in any truly privacy-conscious implementation. To avoid a single point of failure and strengthen security, messages transmitted using Unseen’s hosted solutions messages are wrapped with both xAES, proprietary encryption developed by Unseen, and NTRU crypto.
“Unseen benchmarks clearly showed the advantage of NTRU over RSA – 2048 bits RSA key generation took about 20 minutes on a typical mobile device and only about six seconds with NTRU”, said Chris Kitze, CEO of Unseen. “This allows us to create new keys for each conversation, even on a mobile device, which is completely impractical with RSA. Additionally, with NIST stating that NTRU is the most practical lattice-based crypto to withstand quantum computing attacks, the decision to replace RSA was easy for us.”
“Encryption plays a key role in the quality and security of any solution and I commend Unseen for conducting the right level of due diligence in this decision-making and analysis process,” said William Whyte, Chief Scientist at Security Innovation. “Full evaluation of a cryptographic algorithm includes key size, resource consumption, ease of implementation, known attacks against the algorithm, the length of time that an algorithm has existed and the level and quality of scrutiny it has received. NTRU excels on all those metrics and we’re delighted that Unseen’s independent evaluation has confirmed this.”
NTRU is based on a completely different mathematical problem from RSA and ECC – resulting in higher performance and a superior ability to withstand brute-force attacks. It is industry-vetted and commercial-ready, unlike most other lattice-based algorithms. “You do not want to put the user’s privacy at risk with an untested encryption algorithm” continued Whyte. “ECC is tested and standardized just like NTRU; however, NTRU is faster and more secure. RSA, though tested and standardized, is too slow and difficult to implement correctly at the security levels Unseen needs for their users.”
About NTRU Crypto
NTRU was developed in 1996 by Brown University math professors who wanted to create a superior data protection for constrained embedded and consumer electronic devices. With the growth of big data and cyber security attacks, NTRU is increasingly appealing to organizations with high-volume ecommerce and hosted services transactions that want to provide end to end encryption without sacrificing security or speed. With its extremely small footprint, high speed, future-proof security, and adoption by IEEE and X9 standards, NTRU is poised to become the de facto crypto in the post-RSA world. It has been published, reviewed in scholarly journals, and presented at Crypto, Eurocrypt, RSA Conference, and PQCrypto (Post-Quantum Cryptography).
-The Department of Electrical Engineering at the University of Leuven released a report entitled Speed records for NTRU in which they write: “NTRU is extremely fast on parallelizable processors.”
-Since its introduction at Crypto ’96, NTRUEncrypt has been subject to constant scrutiny by top cryptographers, including a EuroCrypt ’97 security analysis by Adi Shamir and Don Coppersmith. NTRUEncrypt has been publicly presented at top cryptographic conferences, has been described through publication in refereed journals and conference proceedings, and has been reviewed by outside experts.
-The National Institute of Standards & Technology (NIST) accredited NTRU with being the most practical lattice-based cryptographic solution for post-quantum computing world (Perlner and Cooper, 2009)
About Security Innovation
A software security pioneer since 2002, Security Innovation is dedicated to protecting sensitive data in the world’s most challenging environments – whether on embedded systems, desktops, web applications, mobile devices, or in the cloud. Recognizing that software applications no longer exist in isolation, our clients are better prepared to anticipate, navigate and reduce software security risk regardless of technology or system complexity. There are more than a million licenses of Security Innovation’s eLearning products in use today and our embedded security products ship on tens of millions of systems each year. The company is privately held and is headquartered in Wilmington, MA USA. Visit the company at http://www.securityinnovation.com or on Twitter @SecInnovation
Based in Reykjavik, Iceland, Unseen provides private and secure communications services for consumers and businesses. Using state-of-the-art technology in a familiar format people already know how to use, Unseen is designed to replace insecure email and instant messaging applications used by everyone on the internet. The company’s web site is at https://unseen.is.