Elliptic Curve Cryptography Provides Increased Speed and Security to Cheque Image Exchange

Certicom Corp. has announced that Unisys Corporation has licensed Certicom's Security Builder toolkits to embed Elliptic Curve Cryptography (ECC) in its medium-speed NDP Quantum Series and its high-speed NDP850-2000 document processor families. The highly optimized implementations of ECC, found in the Security Builder toolkit, enable Unisys to digitally sign over 10,000 images per minute and address the security requirements of cheque image exchange.

Cheque image exchange provides significant opportunity for improved efficiencies and reduced costs in the financial industry but also creates opportunities for fraud as the images move through the payment system. This agreement between Unisys and Certicom provides the financial industry with security technologies to protect against fraud.

"Embedding Certicom security technology allows Unisys customers to be confident of the integrity of each cheque image which is the optimal way to eliminate the risk of image alteration fraud," said Gary Wallen, Vice President Unisys Payment Systems. "And Certicom's optimized implementations allow us to meet the demanding requirement to sign 10,000 images per minute."

Cheque imaging standards, like Check 21 in the U.S. and Interbank Data Exchange in the U.K., encourages financial institutions to exchange digital images rather than paper to process cheques with each other. The security around these digital images is very important because they must guarantee the same legal status as a paper cheque and eliminate the possibility of fraud while ensuring long-term storage. These requirements present a number of challenges: first, machines scan thousands of cheques per minute; second, each image has to be signed to ensure that cheque values are not tampered with; and third, the encryption must be very strong so that the images can be transferred safely.

To achieve maximum efficiency, the digital signature must be small and fast. However, security cannot be compromised, so the signature must also be very strong. With Security Builder PKI, Unisys has integrated an ECC-based digital signature, ECDSA, which offers high security using much smaller key sizes than any other public key scheme available today. It is the only technology capable of digitally signing over 10,000 images per minute. It also allows Unisys to be consistent with the ANSI (American National Standards Institute) DSTU X9.37 Specifications for Electronic Exchange of Check and Image Data.

"This contract is another example of how ECC is the ideal public key cryptosystem for a growing number of applications that require strong, efficient cryptography. This selection by Unisys further validates our toolkits as the most highly optimized implementations on the market today," said Ian McKinnon, President and CEO at Certicom. "Our Security Builder toolkits enable Unisys to integrate ECC-based digital signatures quickly and easily into their solutions in order to conform with the emerging cheque imaging requirements. This will create new opportunities for Certicom in the financial sector."

You can view the original article here...
http://www.securitypark.co.uk/article.asp?articleid=22587&CategoryID=