Sun donates 'SSL-lite' to open source group

Sun has donated new cryptography technology to an open source project at the heart of many secure transactions on the internet.

Sun's "elliptic curve" technology is involved in the process of using keys to encrypt and decrypt information for electronic transactions. Such encryption lets people buy products online, for example, while shielding their credit card number from prying eyes. The server seller donated the technology to the OpenSSL project, a programming group that makes an open source version of the Secure Sockets Layer (SSL) encryption system.

Elliptic curve cryptography will enable secure communications with devices that don't have as much calculating power as most desktop computers, said Whitfield Diffie, Sun's chief security officer and a pioneer of the Diffie-Hellman "public key" cryptography method used today in SSL and other encryption systems.

"Small gadgets are the most obvious place to use it," Diffie said, but once the technology is built, it likely will spread farther. "The deployment schedule is on the order of several years to a decade unless something comes along in the interim. I would conjecture that by 2010 or so, this will be widely used."

Current encryption technology is based on mathematics developed in the 17th and 18th centuries, Diffie said. "Elliptic curve cryptography brings it forward into the mathematics of the 19th century," he said.

Diffie exhorted companies to build security into computing services from the start, not patch it on at the end, and announced Sun products to help in that plan. In combination with software and hardware companies, Sun announced a partnership to build a "perimeter security" product that handles problems at the boundary of corporate computing networks and the public Internet. The product will filter out undesired network traffic, detect intrusions and screen for viruses.

Sun also announced a secure web server, the software that delivers web pages across the internet. Because web servers typically are very public, they're a particular target for attacks over the network.

Stephen Shankland writes for News.com