All future Microsoft software is to use nCipher's hardware security modules (HSMs) and time stamping technology to protect and authenticate it. Software developers who use Microsoft system-building products will also find it in the Microsoft Authenticode protocol.
By submitting your email address, you agree to receive emails regarding relevant topic offers from TechTarget and its partners. You can withdraw your consent at any time. Contact TechTarget at 275 Grove Street, Newton, MA.
"It is a big deal for us," said nCipher product manager Avia Dadon, "but not the biggest. It is in the range of high six figures to low seven figures, and we have many deals in the financial services and government markets that are much bigger."
Dadon said non-traditional markets such as life sciences, retail and independent services vendors (ISVs) are starting to drive the market for encryption and authentication tools.
"The need for compliance is widespread," he said, "People need to be able to authenticate the sender, for non-repudiation of the message, and to assure the integrity of the message, all of which can be done with encryption."
The nCipher technology allows systems developers to prove their products' authenticity and to show that the software has not been modified, potentially for malicious purposes.
"Authenticode is a critical technology for helping to build confidence and trust in computing," said David Cross, Microsoft's director of program management for Windows security. "nCipher's technology is a vital component and a critical part of the signing process for Microsoft software."
nCipher's Time Stamp Server (TSS) allows developers to use secure digital signatures and auditable time stamps when publishing the software. It removes the traditional reliance on the host computer's system clock, which is vulnerable to tampering, said an nCipher spokesman.
The time-stamp is produced within the tamper-resistant boundary of an embedded nCipher HSM and can be calibrated and synchronised to independently provided calibration and audit services, such those from the National Institute of Standards & Technology.