<http://www.theinquirer.net/print.aspx?article=41087&print=1> The Inquirer Finding the right lock for cryptographic keys Speakers' Corner Nicko van Someren, nCipher By: Wendy M. Grossman Wednesday 18 July 2007, 14:37 "AS WE SEE IT," says Nicko van Someren, chief technology officer for nCipher, "the big cloud on the horizon for computer security is how to deal with the ever-expanding number of cryptographic keys that are vital to computer security." Cambridge-based nCipher got its start in 1996, when van Someren and his brother, Alex, needed to incorporate cryptography into the Web browser they were providing for Oracle's network computer. "We thought of buying it in," says van Someren, "but it was all export-controlled. So we thought we'd build our own - and then started thinking there might be a market for doing crypto outside the US where it wasn't confounded by US export controls." Van Someren discovered computer science as a Cambridge undergraduate. Alex went straight to work for Acorn computers and then set up a consultancy business. "I went to university for the both of us," says van Someren, who spent a year between degrees interning at Xerox EuroPARC, helping his brother, and designing networking equipment for his father's company. In 1994, just as van Someren was finishing his dissertation (on video image processing), he discovered the Web. "So I wrote a Web browser," he says. "I called it Fresco, as a play on Mosaic." Shortly afterwards Netscape launched. Fresco lives on as an embedded browser in hotel room video front ends. The complication in managing cryptography keys is the conflict between ensuring both that keys are not misused by people who are not supposed to have access to them and, simultaneously, that the keys are available to the people who need them. The added complication is that increasingly cryptography is being used to secure data itself, not just protect it in transmission, which means many more endpoints. Ten years ago, when nCipher started building the hardware to do that, you were talking about modestly sized clusters. Now, a large enterprise may have thousands of desktop machines and a server farm with hundreds of virtual Web servers, and key management is a major issue. "You can set a policy, for example, that require a weekly update in organisations where highly paid personnel can cost hundreds of dollars to change a key on a single server. If you can automate that you can save hundreds of dollars times thousands of servers. If it takes a few hours of someone's time to do each server you can't change keys more than once a year. If it takes a few milliseconds, you can do it every day, so there's a qualitative improvement in security into the bargain." Take, says Van Someren, automated teller machines, which use cryptographic keys in the process of veryifying ATM cards. Because ATMs still use symmetric cryptography (where the same key both encrypts and decrypts), there is a lot of concern about the keys getting lost or cracked. So, to change the keys on one of these machines, each of two guys is given a printout of half the key. They're sent out in separate vans, and on arrival each types his half into the machine to gain access. "If one fails to show, the other one can't do anything. It's a precarious problem. Rekeying ATMs costs many hundreds of dollars, and they're supposed to do it once a year, but they don't because it's too expensive." The US stopped restricting cryptography in the late 1990s, but the second significant battle fought over it persists: law enforcement access to encrypted data. Under Part III of the Regulation of Investigatory Powers Act (2000) cryptography users must disclose those keys if required to do so by law enforcement. However, Part III still hasn't come into force, in part because of concerns about how law enforcement should handle the keys they acquire. A code of practice is now being laid before Parliament; van Someren describes it as "a huge step in the right direction". He says, "They have finally realised, I think, that the value of the data they're going to get in the evidence room is just about the most valuable thing they're ever going to have - it could easily be worth more than a ton of coke." 5 -- ----------------- R. A. Hettinga <mailto: rah@ibuc.com> The Internet Bearer Underwriting Corporation <http://www.ibuc.com/> 44 Farquhar Street, Boston, MA 02131 USA "... however it may deserve respect for its usefulness and antiquity, [predicting the end of the world] has not been found agreeable to experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'