RSA and ECC are the two most common public-key crypto systems in use today. At the 2013 Black Hat conference, researchers declared that the math for cracking encryption algorithms could soon become so efficient that it will render the RSA crypto algorithm obsolete. Coupled with the recent NSA tampering allegations on ECC, this mistrust could set up a “cryptopocalypse” with organizations scrambling to retrofit systems with new, yet trusted, public-key crypto systems.
Today, Security Innovation announced the availability of NTRU crypto for free use in open source software. With the GPL open source license, NTRU can be confidently deployed in open source products such as web browsers and TLS/SSL servers. For those wishing to incorporate NTRU into a proprietary product, a commercial license is available.
“The Internet generates a trillion dollars in ecommerce sales a year; however, these transactions are being protected by a limited set of encryption algorithms”, said Charles Kolodgy, Research Vice President for Security Products at IDC. “This lack of diversity can be a single point of failure. By offering NTRU under a General Public License, Security Innovation is expanding the diversity of encryption available on the Internet.”
“The open source licensing of the NTRU crypto system will make it easier for wide-spread adoption of our X9.98 standard, allowing Financial Services companies to protect their important financial transactions,” said executive director Cynthia Fuller of Accredited Standards Committee X9 Financial Industry Standards.
Because NTRU is based on lattice math, it is resistant to Shor’s algorithm, likely to be used in quantum computing attacks and shown to break both RSA and ECC.
“More diversity in choice of cryptography can only make communications on the Internet safer,” said Terence Spies, CTO at Voltage Security. “We applaud this move by Security Innovation to remove barriers to adoption by the open source community.”
“Open sourcing NTRU ensures that the implementation is solid and without the backdoors that we have learned about in proprietary implementations” said Dr. William Whyte, chief scientist at Security Innovation, Inc. and chair of the IEEE 1363 Working Group. “We are fussy in the crypto world, and want to ensure that any adopted crypto is transparent and battle-tested. NTRU has been successfully scrutinized by numerous government agencies and universities for over a decade.”