1995-09-20 - New Kid On The Block

Header Data

From: Aleph One <aleph1@dfw.net>
To: cypherpunks@toad.com
Message Hash: a005c8cdf5a2941d16387ec368b3e3291e3786f037eae0dadb735c42d55500bd
Message ID: <Pine.SUN.3.90.950919193110.24166C-100000@dfw.net>
Reply To: N/A
UTC Datetime: 1995-09-20 00:33:44 UTC
Raw Date: Tue, 19 Sep 95 17:33:44 PDT

Raw message

From: Aleph One <aleph1@dfw.net>
Date: Tue, 19 Sep 95 17:33:44 PDT
To: cypherpunks@toad.com
Subject: New Kid On The Block
Message-ID: <Pine.SUN.3.90.950919193110.24166C-100000@dfw.net>
MIME-Version: 1.0
Content-Type: text/plain




Aleph One / aleph1@dfw.net
http://underground.org/
KeyID 1024/948FD6B5 
Fingerprint EE C9 E8 AA CB AF 09 61  8C 39 EA 47 A8 6A B8 01 

---------- Forwarded message ----------
Date: Tue, 19 Sep 95 14:25:20 PDT
From: Bob Williams <bobw@netmanage.com>
To: "Larry J. Hughes Jr." <hughes@indiana.edu>,
    Adam Shostack <adam@bwh.harvard.edu>
Cc: ssl-talk@netscape.com
Subject: Re: details on security bug? 

The problems with SSL extend beyond the random
number generation hole widely publicized in the press today.

SSL 2.0 poses both financial and interoperability barriers
to widespread use of Cryptography that will be addressed
in the very near future.
 

-------------------------------
NETMANAGE, Inc.
Press Release
FOR IMMEDIATE RELEASE

Contact: Donna Loughlin, NetManage, (408) 973-7171
              Donna@netmanage.com

NetManage Licenses Public Key Cryptography from CYLINK

The Two Firms to Promote an Open Interface for Internet Security which 
Corrects Flaws and Eliminates Financial and Interoperability Barriers for 
Cryptography.

Cupertino, California - September 19,  1995- NetManage, the leader in TCP/IP 
Applications for Windows and Internet productivity software, announced today 
that is has signed a licensing agreement with CYLINK Corporation for 
technology which incorporates the fundamental patents covering public 
key cryptography.   NetManage will be providing support for public key 
authentication and data encryption as a fundamental component of its 
Chameleon Enterprise strategy.  The two firms further announced that they 
plan to provide support for an open interface for Internet security which 
will address recent flaws found in cryptographic implementations used by 
Netscape Communications and other unpublicized security holes in existing 
Internet security protocols. The standard is further intended to eliminate 
the financial and interoperability barriers that have been holding back 
widespread use of public key cryptography on the Internet.

In a separate announcement released yesterday, CYLINK announced that it had 
prevailed in a patent lawsuit with RSA Data Security which found that RSA 
had infringed U.S. patents held by CYLINK which cover all known 
implementations of public key technology.

About Internet Security
-----------------------
Establishing a secure Internet connection requires any computer software 
program to perform two functions: Authentication of the user, and bulk 
encryption of data.  

The Authentication phase allows two computers to verify that each party is 
who they claim to be, and that they are authorized to enter into a secure 
communications session.   This is done via "public key" technology, which 
was developed and patented originally by Stanford University and licensed 
exclusively by CYLINK Corporation.

During the authentication phase the two computers also agree upon the 
encryption method to be used for bulk data transfer during the time the two 
computers are communicating data between one another.  These ciphers can be 
implemented in either software or hardware, including PCMCIA cards.  Popular 
encryption ciphers include DES, Triple-DES, SAFER, IDEA, Skipjack, RC-2 and 
RC-4 and are available from a variety of software and hardware vendors.

Limitations of Current Internet Security Standards
--------------------------------------------------
Current implementations of security protocols proposed as standards by 
Netscape Communications and RSA Data Security, Inc. include security flaws 
and fail to fully accommodate open and interoperable secure communications 
between computers which use different bulk encryption ciphers.  These 
problems have limited the adoption of Internet security as a widespread 
interoperable feature of all Internet software and hardware products 
including end-user applications, servers, firewalls, and secure routers.

NetManage and CYLINK, along with other major software and hardware 
developers, will be announcing next week the release of a publicly available 
security implementation which allows for 'plug & play' interoperability for 
users of Internet security, and the endorsement of protocol extensions which 
improve the reliability of current proposed Internet security standards.  
This open implementation will not lock software or hardware developers into 
the use of encryption technology from any one vendor.

Related APIs, key exchange technology, and encryption will be made publicly 
available to other software and hardware developers.   Licensing will 
include source code and no per-copy royalty fees.

About NetManage
---------------
NetManage Inc., the fastest growing software company in the United States, 
develops markets and supports an integrated set of Internet-based 
applications, servers and development tools for Microsoft Windows, Windows 
95 and Windows NT.  NetManage software allows corporations to facilitate 
communication, sharing of information and collaboration between workgroups 
using Internet technology. The company's award winning products include 
Chameleon, Internet Chameleon and ECCO. NetManage is a public company, whose 
shares are traded on the NASDAQ under the ticker symbol NETM.  Its products 
are sold world-wide by NetManage's direct sales force and authorized channel 
partners.

About CYLINK
------------
CYLINK Corporation is the world's largest provider of enterprise-wide 
network information security products and wireless communications.  CYLINK 
is the exclusive holder of the fundamental patents which broadly claim the 
invention of public-key cryptography (Diffie-Hellman, Hellman-Merkle, and 
Helman-Pohling) and which were originally developed at Stanford University.  
Headquartered in Sunnyvale, California, CYLINK serves Fortune 500 companies, 
financial institutions and government agencies.  Licensees of CYLINK 
technology include CISCO Systems, and other prominent hardware and software 
developers.

# # #







Thread