http://www.planetit.com/techcenters/docs/security/news/PIT20010418S0005 by Will Wade April 18, 2001 SAN FRANCISCO - A security system startup venture has taken the wraps off a new type of encryption-processing scheme that it claims can increase performance over competing technologies by as much as tenfold. As a result, Andes Networks Inc. expects to see the cost of implementing security features fall so low, so fast, that all traffic over the public Internet could be encrypted within a few years. The company has focused on the secure sockets layer (SSL) format, which has become a de facto standard for Web traffic. Although it is not often used for full encryption and authentication operations, SSL is built into every Web browser and is therefore available to anybody using the Internet. Andes announced recently at the RSA Conference 2001 that it is sampling an SSL accelerator system, a box designed to sit in Internet data centers and whose sole function is to decode encrypted traffic as it comes in, and add encryption to traffic on the way out. It is scheduled to begin commercial shipments next quarter. "Our system is the first commercial implementation of a new-generation technology, which redefines the standards of SSL processing," said Paul Gordon, president and chief executive officer of Andes, Mountain View, Calif. While current systems may perform anywhere from 200 to 1,500 RSA operations/second, which is the basic function of decryption traffic based on the industry-standard RSA algorithms, Gordon said Andes' system can do 15,000 RSA operations every second. In addition, he said the crop of systems can support handshakes with up to 750 new SSL clients per second, while the Andes version handles 5,000 such transactions. Although SSL is deployed all through the Internet, it is not widely used. Gordon estimated that only about 6 to 7 percent of Internet traffic is encrypted, usually e-commerce and other financial transactions. A big part of the reason for this is speed: According to some estimates, it can take as much as 50 times longer to send an SSL-encrypted data stream from one computer than to send non-encrypted data. ISN is hosted by SecurityFocus.com --- To unsubscribe email LISTSERVat_private with a message body of "SIGNOFF ISN".
This archive was generated by hypermail 2b30 : Fri Apr 20 2001 - 01:19:42 PDT