As electronic commerce and other security-intensive networks branch out over the Internet, so too do the cryptographic-based applications used to scramble data as it moves from place to place. But the dirty secret about crypto apps is that they require lots of processing power. So in order to make crypto-based networks run smoothly, some argue, a new class of hardware products - called crypto accelerators - will become essential pieces of the puzzle.
Alex van Someren, co-founder of Cambridge, England-based start-up nCipher, believes Web servers that provide crypto processing are too slow. When using Secure Sockets Layer, the current protocol for providing secure Web transactions, it can take up to a half second to complete each request on a typical Pentium-based server, he said. "And the SET protocol proposed by Visa and others [for electronic bank card payments] can take six times that of SSL."
On a commercial enterprise server, such as a bank's payment-processing system or a Web server with hundreds of simultaneous transactions, this will obviously result in time delays for the user. As a result, a number of companies - such as the Internet Security Group at Rainbow Technologies and Tandem offshoot Atalla - are providing crypto accelerators.
nCipher's entry in this market is nFast, a box the size of a 5.25-inch CD-ROM drive which slides into a server's drive bay - a slot reserved for disk drives - and is attached via a SCSI connection. The box runs on all the big Web-server platforms - namely, Windows NT and a myriad of Unix flavors, including its in-house development preference, NetBSD.
Like most other crypto accelerators, nFast is a proprietary, patent-pending system: It uses dedicated high-speed RISC microprocessors with custom logic to perform the crypto math. "Much of the software algorithms to process this are built into firmware on the devices," explained van Someren, "so if trends and protocols change - such as an increased use of Elliptic Curve Cryptography, for instance - the hardware can be upgraded to retain its usefulness."
It's also scaleable, he said, so the amount of acceleration depends on the configuration. "We raise the performance from 25 to 100 times, going to 75 to 300 functions a second."
What remains to be seen, however, is who will bite.
"The big question with Internet commerce is: Will it take off like everyone says?" said Randy Sabett, an associate with Venable, Baetjer, Howard & Civiletti.
"Do we really need 300 [cryptographic operations] per second? You wait 30 seconds for a credit card when you're at a store," he said. "It's an impressive number, but when will the demand be there?"
Information security guru Winn Schwartau, when asked this question, calculated the number of seconds in a week - 604,800 - and noted that any operation with that many weekly customers was not your average retail. "What I need to see is the number of transactions per given time period," he said. "I think the principle is fabulous. The question that I've got is how do you measure whether you need it or not?"
Van Someren said it's largely an issue of consumer confidence. "People are really worried that their credit card details or their personal information is going to get stolen when its traveling over the Internet," he said.
Whether it's for online payments, authentication, or privacy, very high-volume transactions are coming - and they will create a crypto overload, said Atalla's Gary Lefkowitz. "The card issuers have told us that they want to get into the triple digits per second," he said.
While strong crypto will give people more confidence, it also poses a processing problem. "It's a vicious circle that every time you upgrade your armor to protect against missiles, somebody is going to build a bigger missile to attack at you. And so you make bigger armor, and things get pushed out further and further," van Someren said.
