Sept 29, 2015 — Wilmington, MA — Security Innovation, the authority in application and crypto security, announced today that its standards-based NTRU crypto has been selected by Cyph to deliver the safest communication channel for completely private conversations.
Cyph is a surveillance-free chat experience that offers voice and video calling as well as file and image sharing. Cyph works on desktops, laptops, smart phones, and other mobile devices.
Taking a security-first approach, Cyph committed to end-to-end encryption. Using proven technology like NTRU, Cyph ensures photos, files, conversations, and confidential data are safe from prying eyes. Cracking a single Cyph message would take longer than the age of the universe, even using the fastest supercomputer. Cyph recognized the additional benefit of a public-key crypto system that is completely tamper-resistant with no proven successful attacks, and one that is resistant to quantum computing attacks, making their system future-proof as well. NTRU also ensures that Cyph communications are safe from “Harvest & Decrypt” attacks, where messages are stored today and decrypted once quantum computers become powerful enough to break conventional crypto solutions. The move to quantum-safe computing has taken on new urgency since the recent NSA announcement.
“Among quantum-safe ciphers, NTRU seems to have the strongest balance of practical usability — high performance, small key size; cryptanalytic backing — 20 years of research; and maturity of implementation,” said Ryan Lester, co-founder of Cyph. “NTRU makes post-quantum crypto a no-brainer considering the potential reward versus the minimal tradeoff. Open source software in particular needs to give this a serious look.”
“Encryption plays a critical role to ensure the integrity and security of data communications. NTRU has been community-vetted, battle tested in industry, and standardized by the financial industry (ASC X9) as well as IEEE (1363.1),” said William Whyte, Chief Scientist at Security Innovation. “I commend Cyph for the due diligence they conducted on public-key crypto options as commonly used public-key crypto has been weakened, slow, and compromised, which puts users at risk.”
About NTRU Crypto
NTRU was developed in 1996 by Brown University math professors who wanted to create a superior data protection method for constrained embedded and consumer electronic devices. NTRU is based on a completely different mathematical problem from RSA and ECC, resulting in higher performance and a superior ability to withstand brute-force attacks. With the growth of big data and cyber security attacks, NTRU is increasingly appealing to organizations with high-volume ecommerce and hosted services transactions that want to provide end to end encryption without sacrificing security or speed. With its extremely small footprint, high speed, future-proof security, and adoption by IEEE and X9 standards, NTRU is poised to become the de facto crypto in the post-RSA world. It has been published, reviewed in scholarly journals, and presented at Crypto, Eurocrypt, RSA Conference, and PQCrypto (Post-Quantum Cryptography).
- The Department of Electrical Engineering at the University of Leuven released a report entitled Speed records for NTRU in which they write: “NTRU is extremely fast on parallelizable processors.”
- Since its introduction at Crypto ‘96, NTRUEncrypt has been subject to constant scrutiny by top cryptographers, including a EuroCrypt ‘97 security analysis by Adi Shamir and Don Coppersmith. NTRUEncrypt has been publicly presented at top cryptographic conferences, has been described through publication in refereed journals and conference proceedings, and has been reviewed by outside experts.
- The National Institute of Standards & Technology (NIST) accredited NTRU with being the most practical lattice-based cryptographic solution for post-quantum computing world (Perlner and Cooper, 2009)
About Security Innovation
A software security pioneer since 2002, Security Innovation is dedicated to protecting sensitive data in the world’s most challenging environments — whether on embedded systems, desktops, web applications, mobile devices, or in the cloud. Recognizing that software applications no longer exist in isolation, our clients are better prepared to anticipate, navigate and reduce software security risk regardless of technology or system complexity. There are more than a million licenses of Security Innovation’s eLearning products in use today and our embedded security products ship on tens of millions of systems each year. The company is privately held and is headquartered in Wilmington, MA USA. Visit the company at www.securityinnovation.com or on Twitter @SecInnovation
Supported by the MACH37™ Cyber Accelerator and audited with the support of the Open Technology Fund, Cyph provides extremely secure and easy-to-use one-click messaging for individual and enterprise use. With a broad feature set that includes file transfers, voice/video calling, and post-quantum end-to-end encryption — all without any required app download or installation — Cyph is committed to the mission of instantly-secured communication. Cyph remains free for personal use and offers licensing for commercial clients, including custom deployments and API integration. More information can be found at cyph.com as well as @cyph on Twitter.