secg - standards for efficient cryptography group

Q1. What is the SECG?
A1. The Standards for Efficient Cryptography Group (SECG) is a consortium of leading providers of cryptography and information security solutions, end users, and standards organizations who have united to address the lack of interoperability between today's different cryptographic solutions -- a problem that hampers developers and users of secure electronic commerce and messaging applications.

Q2. What is the group’s primary charter?
A2. The SECG's charter is to develop the Standards for Efficient Cryptography (SEC), a family of commercial standards that will specify the basis for creating security solutions across a wide range of computing platforms that are completely interoperable, easily implemented, and cost-effective. The SEC will effectively incorporate elliptic curve cryptography (ECC), an advanced public-key technology, to make these solutions possible.

Q3. As a member, how do I participate in SECG discussions?
A3: Messages for the SECG membership may be posted to secg-talk@lists.certicom.com where they will be reflected to the group. Also, for the development of specific standards, dedicated working groups with their own mailing lists may be established. Members may join these specific working groups to directly participate in the discussion surrounding the development of these standards.

Q4. Why is this organization so important?
A4. The SECG represents the first working group anywhere that is devoted exclusively to developing standards based on ECC. ECC is clearly recognized as the leading standard for efficient data security and has garnered strong endorsements from leading high-tech companies such as 3Com, BellSouth, Cylink, Fujitsu, Hewlett-Packard, IBM, Microsoft, Motorola, Pitney Bowes, Sun Microsystems and VeriFone, among others.

Q5. How will the new SEC relate to current standards and draft standards for ECC?
A5. The SEC will draw extensively on existing efforts in relevant draft standards by the American National Standards Institute (ANSI), Institute of Electrical and Electronics Engineers (IEEE) and International Standards Organization (ISO) as well as on the unique technical expertise that Certicom has in ECC technology. A key objective of the SECG is to maintain compatibility with the ANSI and IEEE standards. The SECG will also use the SEC to provide an industry benchmark for assessing ECC strength and the quality of ECC implementations.

Q6. What are some practical applications for the SEC?
A6. The SEC standards will enable developers to readily build secure and efficient next-generation messaging and e-commerce solutions. With the SEC, ECC may be readily applied in the general public-key infrastructure as well as in processing power-constrained devices, such as handheld organizers and smart cards, to deliver a common level of industrial strength security.

Q7. Why was the SECG formed?
A7. The SECG was formed because its founding members recognized the need for interoperable implementations of ECC and shared a common vision to fulfil it. This need has dramatically increased over the last few years, during which time ECC has emerged as the strongest and most efficient cryptographic technology for securing next-generation solutions such as e-commerce and stock trading, wireless Internet access, on-line and wireless banking and electronic payment systems.

Q8. Who are the founding members?
A8. The SECG founders include: 3Com, Baltimore Technologies, Certicom, Diversinet, Ernst & Young, Fujitsu, Giesecke & Devrient, GlobeSet, GTE CyberTrust, Hewlett Packard, Motorola, NTT Electronics Corporation, Rainbow Technologies, Thawte Consulting and Xcert International.

Q9. What kind of cryptographic expertise does the SECG have?
A9. The SECG comprises the industry's leading providers of cryptography and information security technologies. The group has also assembled renowned cryptographers, mathematicians and researchers to serve on its Cryptographic Advisory Board, including experts Dr. Scott Vanstone of Certicom, Larry Puhl of Motorola, Dr. Nigel Smart of Hewlett Packard, Dr. Alfred Menezes of University of Waterloo, Dr. Dan Boneh of Stanford University, Dr. Phil Rogaway of University of California at Davis, and Bruce Schneier of Counterpane.

Q10. What is ECC and why is it important?
A10. ECC is a form of public-key cryptography that enables strong, high performance data security, including encryption and authentication, for every piece of the computing infrastructure. ECC is also in high demand as the only commercially viable technology for securing the new generation of small form-factor products such as handheld computers, pagers, cell phones and smart cards that connect to enterprise networks and electronic commerce systems. This demand is fuelled by ECC's ability to provide more efficient, high-strength security at smaller key sizes than traditional cryptographic systems. ECC's benefits include: improved performance, smaller memory and processing requirements, longer battery lifetimes on mobile devices, lower messaging costs for wireless communications and generally lower costs of implementation.

Q11. How often will the SECG meet?
A11. The SECG will conduct its business principally via its mailing lists. One meeting per year will be held in Toronto, Canada. If needed, a second meeting will be held at a location to be selected.