Thursday, 16 August 2007

Elliptic curviness

I had the pleasure of catching up with another employee of Voltage this week. They, or rather their PR company, are really keen to get their name out in the general populace. So, I've decided I'm going to be your self-elected Robin Hood for the time being, man of the people that is, representing the proleteriat (OK, I'm sounding far too much like Karl Marx here), not stealing from the rich to give to the poor (necessarily, although I might have a go later.)

The guy I spoke to this time endeared himself to me immediately by asking "Are you the Rob Newby that's in the Wall Street Journal today? Or is that a fake Rob Newby?"

"Yes, that's me", I glowed quietly (can you do it any other way?), and realised I was being an arse, albeit privately. So then I got down to the business in hand, and asked him all about what's going on at Voltage. You will know if you read my blog regularly that I am a bit of a data-security freak, what you may not know is that I am an encryptionophile (is that a word?) too.

It took me a little while to get my head around elliptic curve crypto, but then relating it to identity based encryption was pretty simple. I like the idea, but I was curious to find out where it can/is being used to greatest effect. My suspicion is that these things aren't going to be used widely in file and database encryption for example, which is really my background.

It seems that the most traction these days is with email, on an enterprise scale. I can imagine this stuff scaling up well in an enterprise environment. But Wasim was keen to emphasise that they were very excited about the application and database security developments. I know from experience this can be a hard area to break into, and there are plenty of well established vendors in this space already.

My main question to him centred in on this somewhat. "On the website, you seem to cover pretty much EVERY aspect of encryption, laptops, email, databases, etc. How do you segment for your sales force, and do you think you might be overstretching?"

I wish I'd recorded Wasim's answer, because it was much more interesting than what I'm going to repeat, but he basically said that they are doing a broad sweep at present to see where the interest is, but they already have a number of large customers across the globe, in each of the areas they talk about.

I'm really interested to see where encryption goes next. I like elliptic curve, and I'm watching key management to see what direction it takes next. Sun's publishing of it's APIs doesn't seem to have made a huge splash yet, but it would be good to see a common format for sharing keys across diverse infrastructure.

We also talked briefly about SISA, which I talked about last week. It seems they are currently in talks with the SISA gang to see if they can also get on board. This would be a great advantage to them of course, akin to backing from Microsoft and Cisco.

Thanks to Wasim for the interesting chat, and best of luck for the future, I have a feeling we will be coming across each other again soon.

No comments: