Certicom Corporation, with headquarters in Mississauga, Ontario, Canada has announced that Intelligent Recognition Systems, who is building prototype communications technology for the Special Forces and U.S. Army Rangers, will use Certicom security architecture to generate certificates, encrypt data and provide elliptic curve cryptography (ECC)-based authentication.

The characteristics of ECC make it ideal for securing communication today and in the future. It is considerably more efficient than legacy public-key schemes and its strength and size allow it to scale more efficiently, allowing it to remain a strong cryptography algorithm for many decades.

"ECC has been around in various crypto forms for approximately 20 years. However, most algorithms have to go through 10-plus years before they can really be considered ready for prime time", says Brendan Ziolo, director of marketing at Certicom.

"What has happened over the last 20 years is that first people tested it to make sure it is secure and doesn't have some kind of fundamental weakness that hackers could exploit," says Ziolo. "Secondly, a lot of work has been done on finding implementations that are more efficient, stronger and faster."

Certicom technologies for ECC are said to provide the most security-per-bit of any known public-key scheme. ECC is used in a growing number of government communication applications because of its strength and efficiency and also because it is included in an increasing number of standards and protocols.

"The system we're developing includes hand-held devices that communicate with remote centers, which could be located anywhere in the world, so not only does the security have to be strong, it has to be small and fast," said Joyce Brykman, president, Intelligent Recognition Systems. "We chose Certicom for the team's security knowledge and expertise in ECC. And by using ECC for authentication, we're supporting NSA Type I (classified) certification."

The Certicom security architecture is a comprehensive, modular and portable solution designed to enable developers to quickly and cost-effectively embed security into applications, and across multiple families and generations of devices. A common application programming interface (API) unifies Certicom's modules to create a plug-and-play security architecture.