Press Contact Email :
Tel: + 1.888.266.6361
Tel: + 1.206.203.6361
"Side Channel" leakage offers a security flaw that can be addressed.
New York, 13th February 2004. Comodo, recognized as a leader for the creation of digital identity services and secure business critical infrastructure solutions will present some details of why today's Smartcard technology is susceptible to side channel leakage. There is a distinct possibility of identity theft of any individual or organisation - A major concern for the immediate future as the popularity of Smartcard related solutions gains momentum. Comodo's Research and Development facilities have extensively researched this issue and patented a solution. - the "Mist" algorithm. Metaphorically speaking the secret key is obscured from detection as vision would be when veiled by a mist.
Dr. Colin Walter, head of the cryptography at Comodo Research Lab, will discuss the issue in depth at the forthcoming RSA 2004 conference in San Francisco (23rd-27th February 2004 http://2004.rsaconference.com/ ). RSA is arguably the largest and most important conference and exhibition of computer security system research and products.
Dr. Walter will speak in the Cryptographers' Track on the subject "Issues of Security with the Oswald-Aigner Exponentiation Algorithm". His talk is concerned with the extraction of secret keys from smartcards using "side channel" leakage. When the classical exponentiation algorithms are used for encryption and signatures, there are data-dependent variations in the power consumption of the processor.
These minute variations can be used by an attacker to reconstruct the secret key without damaging the smartcard. This enables him to clone the card successfully and therefore impersonate the owner. Randomised algorithms have been proposed to overcome the problem of leakage, but Dr. Walter will show that the one described by Oswald and Aigner has some limitations. The "Mist" algorithm patented by Comodo is immune to this type of attack.
ABOUT COMODO
Comodo (www.comodo.com) designs, develops, manufactures and markets the industries broadest range of Computer Network Security infrastructure products. - x.509 digital Certificate services, validation services, silicon security, crypto solutions and software security applications. Comodo provides critical business solutions through the Trustix™ range of infrastructure solutions and also operates the world's only real-time website identity assurance infrastructure. These are all developed by a diverse number of dedicated Research Labs, headquartered in the UK. Independent research carried out by Esoft showed that from 2002 to 2003, Comodo increased its global SSL certificate market share by almost 5%; much greater than any other Certification Authority. For product information please contact + 1.888.266.6361 or + 1.206.203.6361 or visit the Comodo home Page at www.comodo.com.