Wave Systems Corp. (fka WAVXQ)

[vickers2]

Sorta OT----------Sheldon, Awk, Kite,....., -I'm nowhere near as technically savvy as y'all so any help appreciated. With respect to Diebold's Opteva they use Trusted Security Solution's A98 for remote rekey.

Would we play into this? I'm as convinced as ever about Wave's prospects but I'm also trying to find situations where our technology would be disruptive to the point of creating shorting opportunities in other companies Thanks in advance for any feedback. Best, Vickers2


http://www.trustedsecurity.com/remoterekey.htm

With the introduction of its new "Remote Re-Key Module", A98-R automates both the generation and distribution of cryptographic keys for ATMs. A98-R is compatible with ATMs that use RSA-enabled encrypting pin-pads (EPPs). The A98-R delivers random master keys in full compliance with ANSI standards and with network mandates for Triple-DES and unique keys per ATM.

The A98-R implements both Diebold's Certificate Based Protocol (CBP) and NCR's Signature Based Protocol (SBP) that are defined in the emerging ANS X9.24-2. Standard on Retail Cryptographic Key Management. The Diebold approach uses X.509 certificates and PKCS message formats to transport key data. NCR's method relies on digital signatures to ensure data integrity. Both processes require the ATM's EPP to be loaded at the factory with signed Public Keys or Certificates. In addition, an A98 public key must be signed by a Certificate Authority (i.e. Diebold or NCR) and imported back into the A98 during system intialization.

The remote re-key process requires the A98 to be authenticated by the ATM. In this step either the signed A98 public key or its certificate is sent from the A98 to the ATM. Once verified, the ATM will send its EPP public key to the A98. (In the case of Diebold, both an encryption and verification EPP public key is sent.) The A98 stores the EPP data and then generates a new DES key, encrypts it with the EPP's public key, prepares the required message format, and sends this new master key to the ATM. When the EPP responds that it successfully loaded the key, A98 sends a cryptogram of this new key to the host for loading into the terminal data base.

In the initial release of the A98 Remote Re-Key module, the interface to the ATM will be implemented through the terminal handler or device driver. Trusted Security Solutions has defined an XML data structure that will be used to communicate with the driver over a TCP/IP link. This approach confines modifications to the ATM device driver and eliminates any need to change the host security module or terminal driving application software. All the publice key cryptography, message formatting, database access, and user interface programming is provided in the A98 module.

By integrating the remote re-key module into the conventional A98 platform, Trusted Security Solutions continues to lead the industry by providing the most efficient, compliant, and cost-effective key establishment solution for all ATMs. The A98-R system not only fully automates key distribution for public key-enabled ATMs, but also continues to support single and triple-DES key loading for legacy ATMs.