, SecurityFocus 2001-04-26
Cheap chips and Moore's Law might deliver a fully encrypted Internet by 2005.
“
Crypto accelerators have been speeding up significantly faster than Moore's Law.
”
Encryption, the old saw went, was simply too expensive to use for anything but the most sensitive transactions, such as credit-card purchases on web sites. Companies that used it had to buy more computers just to handle the heavy mathematical computations involved in encrypting traffic they wanted kept private. Encryption, in effect, was the bottleneck that slowed down everything else.
But that's all changed. Sometime in the last two years or so, computing horsepower nearly caught up with the demands of crypto, and even surpassed them in many cases. Today, companies that spend a few hundred dollars on an add-on circuit board to their server can encrypt hundreds of times as many messages at once as in the web's early years.
Other approaches include dedicating entire servers to network encryption. But either way, the end result is the same: huge increases in the ability to handle secure data.
Add to that a eight-fold increase in the speed of the average microprocessor over the past five years, and "there is no bottleneck," says Shawn Abbott, chief technical officer at Rainbow Technologies in Irvine, Calif., which holds most of the market for accelerator hardware today. "We just expect security to be on by default."
Even as "free" encryption is upon us, its very cheapness is luring more companies into the encryption acceleration market, selling hardware dedicated exclusively to doing the math needed for good encryption.
Companies like Rainbow, nCipher, Broadcom and Ingrian are vying to see who comes out on top, driving performance still higher and prices still lower.
"There has been a huge increase in the number of products and companies targeting the SSL/crypto acceleration market," says Paul Kocher, co-developer of the "Secure Sockets Layer" standard that protects seemingly every credit-card transaction of significance on the web. "Crypto accelerators have been speeding up significantly faster than Moore's Law, due to the combined effects of increases in chip area and density, increases in clock rates, and improved designs."
Moore's law, named for Intel founder Gordon Moore, states that on average, computing speed doubles every 18 months.
IDC estimates that essentially all Internet traffic will be encrypted by 2005, up from less than 10 percent today.
IDC analyst Charles Kolodgy says corporate managers will demand better security as they become ever more dependent on the net. At the same time, he says, consumers will play an increasingly important role in pushing companies to secure an Internet whose vulnerabilities are legion. And that, he says, will drive research to make encryption ubiquitous.
"SSL is going to be around," he says. "People are going to use it. But for it to work properly it has to be really transparent and unintrusive. If people get into SSL transactions and it really slows them, they will just leave."
Still unanswered is the future of acceleration hardware. Kolodgy says he expects that specialized crypto chips, at least, will be woven into the Internet's infrastructure, just as graphic and sound cards are part of the standard PC today.
Not all are so sure.
Alex van Someren, for instance, has headed nCipher since 1997; the company is one of the world's largest makers of encryption accelerators. But van Someren says nCipher has long presumed that general-purpose microprocessors like those made by Intel would eventually be able to handle encryption without suffering a performance hit.
As a result, the company has moved away from simple acceleration products, and now includes other capabilities like encryption-key generation and key management in the products they sell.
Companies that make acceleration hardware, he says, "are fighting Moore's law. And ultimately, they are trying to sell against Moore's law."
