Perimeter
10/17/2012
01:38 PM
Dark Reading
Dark Reading
Products and Releases
Connect Directly
RSS
E-Mail
50%
50%

Thales Intros World's Fastest Elliptic Curve HSMs

nShield Connect 6000+, nShield Solo 6000+ help organizations embrace encryption and security capabilities

PLANTATION, Fla. – October 17, 2012 – Thales, leader in information systems and communications security, announces the introduction of nShield Connect

6000+ and nShield Solo 6000+ hardware security modules (HSMs),

6000+ delivering

the fastest available support for elliptic curve cryptography (ECC), helping organizations embrace the latest encryption and security capabilities without compromising performance.

With constant attacks on sensitive data and increased regulation, it has become increasingly critical for organizations to implement strong encryption and digital signatures to ensure the confidentiality and integrity of their critical data. This often places more strain on an organization's existing public key infrastructure (PKI) used to manage keys and credentials, or triggers the deployment of new PKI systems to support specific issues such as mobility, cloud computing or device security. As the next generation approach to public key cryptography, the use of ECC is a common requirement as organizations seek optimum methods for delivering the appropriate level of protection for these forward looking techniques.

In addition to supporting new applications the U.S. National Institute for Standards and Technology (NIST) has recommended since 2010 that organizations transition to key lengths longer than 1024 bit for cryptography based on the RSA algorithm. While increased key lengths greatly enhance security, they also require more computational capacity and that can slow down operational performance. ECC provides a viable alternative to traditional algorithms where performance is critical or where processing power is limited, such as in a portable device.

News facts:

• Elliptic curve cryptography is a proven alternative to traditional algorithms associated with PKI and the applications that employ public key operations and provides processing efficiencies that are well suited to emerging markets and security requirements.

• With the introduction of nShield Connect 6000+ and nShield Solo 6000+ Thales now offers the world's fastest elliptic curve HSMs with acceleration rates up to 2,400 signatures per second.

• Organizations deploying nShield HSMs can more easily meet industry best practices and the increasing number of data privacy mandates by protecting critical keys within a high assurance tamper-resistant security boundary.

• nShield Connect 6000+ and nShield Solo 6000+ models are currently undergoing FIPS 140-2 Level 3 validation (the globally recognized security standard for cryptographic systems) and will be available in early November 2012.

Richard Moulds, vice president, strategy, Thales e-Security, says:

"As the use of cryptography becomes a mainstream approach to protecting critical systems and valuable data, there is a requirement for algorithms that address the needs of important new markets. The rise of the smartphone and the emergence of 'intelligent connected devices' ranging from smart meters to ticketing systems and vending machines highlights the need for enhanced security on low power devices, and elliptic curve cryptography addresses that need. These devices rarely exist in isolation and almost always form part of a broader data protection strategy and cryptographic architecture that includes the use of HSMs. As our customers embrace these opportunities, Thales is committed to supporting forward-looking technologies, such as ECC, in a way that delivers the performance and consistent management capabilities of our market leading HSM portfolio."

Supporting resources:

• Thales e-Security: http://www.thales-esecurity.com

• Thales nShield Connect:

http://www.thales-esecurity.com/Products/Hardware%20Security%20Modules/nShie

ld%20Connect.aspx

• Thales nShield Solo:

http://www.thales-esecurity.com/Products/Hardware%20Security%20Modules/nShie

ld%20Solo.aspx

About Thales e-Security

Thales e-Security is a leading global provider of data encryption and cyber security solutions to the financial services, high technology, manufacturing, government and technology sectors. With a 40-year track record of protecting corporate and government information, Thales solutions are used by four of the five largest energy and aerospace companies, 22 NATO countries, and secure more than 80% of worldwide payment transactions. Thales e-Security has offices in Australia, France, Hong Kong, Norway, United States and the United Kingdom. www.thales-esecurity.com

About Thales

Thales is a global technology leader for the defence & security and the aerospace & transport markets. In 2011 the company generated revenues of €13 billion with 67,000 employees in 56 countries. With its 22,500 engineers and researchers, Thales has a unique capability to design, develop and deploy equipment, systems and services that meet the most complex security requirements. Thales has an exceptional international footprint, with operations around the world working with customers and local partners.

www.thalesgroup.com

Comment  | 
Print  | 
More Insights
Register for Dark Reading Newsletters
White Papers
Flash Poll
Current Issue
Cartoon
Video
Slideshows
Twitter Feed
Dark Reading - Bug Report
Bug Report
Enterprise Vulnerabilities
From DHS/US-CERT's National Vulnerability Database
CVE-2013-6117
Published: 2014-07-11
Dahua DVR 2.608.0000.0 and 2.608.GV00.0 allows remote attackers to bypass authentication and obtain sensitive information including user credentials, change user passwords, clear log files, and perform other actions via a request to TCP port 37777.

CVE-2014-0174
Published: 2014-07-11
Cumin (aka MRG Management Console), as used in Red Hat Enterprise MRG 2.5, does not include the HTTPOnly flag in a Set-Cookie header for the session cookie, which makes it easier for remote attackers to obtain potentially sensitive information via script access to this cookie.

CVE-2014-3485
Published: 2014-07-11
The REST API in the ovirt-engine in oVirt, as used in Red Hat Enterprise Virtualization (rhevm) 3.4, allows remote authenticated users to read arbitrary files and have other unspecified impact via unknown vectors, related to an XML External Entity (XXE) issue.

CVE-2014-3499
Published: 2014-07-11
Docker 1.0.0 uses world-readable and world-writable permissions on the management socket, which allows local users to gain privileges via unspecified vectors.

CVE-2014-3503
Published: 2014-07-11
Apache Syncope 1.1.x before 1.1.8 uses weak random values to generate passwords, which makes it easier for remote attackers to guess the password via a brute force attack.

Best of the Web
Dark Reading Radio
Archived Dark Reading Radio
Marilyn Cohodas and her guests look at the evolving nature of the relationship between CIO and CSO.