Kiwi encryption guru unfazed by US moves

RPK encryption developer Bill Raike is undeterred by US moves to free up export regulations on 128-key encryption software. The Kiwi cryptographer says overseas users will be less likely to accept any US encryption schemes as long as there are "strings attached". These strings will continue to give RPK a commercial edge, he says. A Swiss consortium called Adesa has recently adopted the RPK algorithm for use in its Hawk smartcard. However, New Zealand companies have not been so fast to incorporate RPK into their products.

RPK encryption developer Bill Raike is undeterred by US moves to free up export regulations on 128-key encryption software.

The Kiwi cryptographer says overseas users will be less likely to accept any US encryption schemes as long as there are “strings attached”.

These strings will continue to give RPK a commercial edge, he says. A Swiss consortium called Adesa has recently adopted the RPK algorithm for use in its Hawk smartcard.

However, New Zealand companies have not been so fast to incorporate RPK into their products.

“No corporates have picked it up here yet,” Raike acknowledges. “But we have sold several copies here and hundreds overseas through software developers’ conferences.”

The US Government has been reluctant to export public key cryptography, supposedly fearful of its use by an enemy in war and espionage, although in New Zealand the ASB Bank has announced it has 128-key encrytography available for use in its Internet banking product.

“I don’t know where ASB got the software it intends to use,” says Raike. “I certainly played no part in it.” The bank is understandably keeping details of its encryption under wraps, “but I would guess it’s some kind of scheme that uses public-key encryption to distribute keys, and then uses more conventional cryptographic methods to transmit the actual message.”

This, he says, would preserve the competitive edge for the product of his own company, RPK New Zealand, since it uses a consistent public key algorithm throughout.

Conventional “symmetrical” encryption, known since Roman times, enciphers and deciphers a message using the same key, which must therefore be private to the two parties.

Public key cryptography allows each sender to make one version of their key known to everyone, while keeping another mathematically-related version private. A message is sent using the sender’s private key and the recipient’s public key, and can be decoded only with the sender’s public key and the recipient’s private key.

RSA, the leading public-key system, “is known as Real Slow Algorithm”, says Raike. Because of its slowness, it is often used just to transmit the key. The messages are transmitted with a symmetrical scheme — two popular ones are RC4, from the same company as RSA, and Idea.

RPK, Raike says, does not have those speed snags and can be used in full public-key form.

Moves in the US government to liberalise cryptography export are unclear, Raike says. Some senators and congressmen have sparked moves to have it freed up entirely, but a more cautious lobby, apparently with presidential blessing, has moved to free up long-key encryption so long as Government authorities are provided with some way to break the code, to prevent its use for illegal purposes.

Overseas users would be less likely to accept an encryption scheme with “strings attached”, Raike suggests; so again, RPK will preserve its commercial edge.

Raike says a number of New Zealand developers are incorporating RPK into their products, although he refuses to reveal their identities for commercial reasons.

“No corporates have picked it up here yet,” he acknowledges. But we have sold several copies here and hundreds overseas through software developers’

conferences.”

Join the newsletter!

Or

Sign up to gain exclusive access to email subscriptions, event invitations, competitions, giveaways, and much more.

Membership is free, and your security and privacy remain protected. View our privacy policy before signing up.

Error: Please check your email address.
Show Comments
[]