NEC yesterday announced it has developed a new encryption technology, CipherUnicorn-A, which it claims to be the strongest in the world.
The technology is based upon common key encryption - in which a single key is used for both the encoding and the decoding functions - but has a twist, explained Hiroshi Miyauchi, research manager at NEC's C&C Media Laboratories. As in other common key systems, a randomly generated master key, 128 bits in size, is first created. However, unlike in other systems, this is not used to encrypt or decrypt the file.
NEC's system creates a intermediate key of several thousand bits in length from the master key, and that serves as the base for the encryption process. When a file is being encrypted, the program first breaks it down into a number of data blocks. Each data block is encrypted with a different key -- chosen from inside the intermediate key and based upon the characteristics of the data being encrypted.
To add an extra layer of security, the key lengths used for encryption vary among 128, 192 and 256 bits in length, Miyauchi said.
In practice, this means that multiple keys of unknown length need to be cracked for an entire file to be decrypted. Miyauchi said the new system is much more secure than current DES-based systems, claiming it to be 2 to the power of 36 -- roughly 37,000 quadrillion trillion -- times more secure than currently systems.
On the decryption side, all the user needs is the master key. The software is capable of regenerating the intermediate key and working out how to decrypt the file.
Typically, the master key would be passed by hand to the other party or sent across the network, itself encrypted using a public key encryption system.
The encryption technology's first commercial use will come in NEC systems. The company plans to incorporate the system into its SecureWare security systems in mid-2000, but the researcher said the company has higher goals.
"We plan to apply this system to the International Standards Organisation (ISO)", Miyauchi said. The ISO is expected to begin considering the establishment of an international standard for encryption later this year.