Reach
I believe you have raised a legitimate concern re: nCipher.
It is most difficult to compare technologies through PRs.
Certainly, nCipher has produced a competitor to manage keys within an enterprise. As I pointed out the other day...there is competition on lots of different levels. This new product will, it seems to me, produce some folks who will see it as a limited alternative to Wave for managing keys INSIDE their own enterprise. Reading the release, it seems that it does do some of the things Wave does, but not all of them.
Lee, MA – September 26, 2005 — Wave Systems Corp. (NASDAQ:WAVX) announced today that the next version of Wave's secure software platform, Embassy Trust Suite 5.0 and the Embassy Enterprise Authentication Server, is now available for trusted computing for business and government applications. New and improved trusted computing features include network policy management, data protection, biometric authentication, smart card authentication, password authentication and machine authentication of a user's personal computer to a server.
It does manage and archive keys. In fact, it does a lot:
nCipher’s Security World approach offers clear benefits to security architects and system managers including:
* Secure key lifecycle management: the nCipher approach places the emphasis on the secure management of keys and their lifecycles, enhancing usability for security managers. This includes the creation and management of keys and also back-up and key recovery.
* Multi-level protection: by combining physical and logical security approaches, greater security is created.
* Secure key storage: strong encryption and secret sharing ensure keys have the highest level of protection when stored. Because keys are stored as encrypted and protected files (‘key blobs’) outside the physical confines of the HSM, there is virtually unlimited key storage available.
* Controlled access to keys: nCipher’s unique Access Control Lists deliver very fine-grained control over who can perform certain tasks and under what circumstances. Access can be further controlled by requiring a specified number of smart cards to be presented at the same time.
* Non-hierarchical key management: clear separation of administration and operational management functions means that there are no ‘super-users’ with excessive access rights.
* Module key uniqueness: nCipher’s hardware architecture provides a true hardware random number generator, which is used at initialization to create a totally random and externally unknowable module key.
* nCipher Security World scalability: additional modules can be added to a network and used together with other nCipher HSMs. By configuring each module within a Security World to use the same module key, HSMs can be used and managed together across networks to provide centralized and consistent security management.
* Logical extension with the Secure Execution Engine™: certain nShield™ modules can be used in conjunction with the SEE to develop advanced custom security infrastructures. The SEE enables developers to create an environment where the same protection afforded to keys can be extended to trusted program code, known as Trusted Agents™.
On the other hand:
Wave's newest Embassy platform capabilities include sophisticated policy management capabilities delivered by the authentication server. The Embassy software is designed to allow an IT manager to set varying security policies in a business, so that one department, such as accounting or legal, could be required to log on to trusted computers using biometric sensors, while other departments, such as shipping, could continue using passwords and/or smart cards or the TPM itself using PKI certificate authentication. Using the Embassy platform, IT managers can change the departmental security policies as needed.
ETS:
* Centralized TPM Management
* Strong Authentication
* Robust Password Management
* TPM Key Archive Capability
Key Transfer Manager:
Benefits:
* Hardened Security Solution
* Interoperable Across Trusted Platforms
* Security Policies & User Preferences in 1 Location
* Simplified Security
* TCG 1.2 Support
* PC Transfer and Recovery
* Multifactor Authentication
Features:
* Platform Restore & Transfer
* Advanced Functions
* Protection of Secured Data
* Clear Messaging
Cryptographic Service Provider
Wave Systems offers a free TCG-Enabled Cryptographic Service Provider (CSP) developer's kit which allows developers to easily enable their applications to utilize the enhanced hardware-based security of a Trusted Platform. A Trusted Platform is defined as one conforming to Trusted Computing Group (TCG) standards and containing a Trusted Platform Module (TPM) security chip.
By using Wave's TCG-Enabled CSP, an application developer enables TPM-based security through the standard MSCAPI interface without needing to understand vendor-specific requirements regarding the TCG Software Stack (TSS). The TSS is the software on a Trusted Platform that sits between the secure applications and the hardware.
Product Benefits
By using Wave's TCG-Enabled CSP, application developers can now:
* Write an application directly to MSCAPI, utilizing the resident Microsoft OS on the platform, the TSS, and the TPM for cryptography operations.
* Maintain a common user experience independent of the platform.
* Enable the computing marketplace by providing compatibility across different manufacturers' TCG Software Stack (TSS) implementations and versions.
* Extend the value of trusted platforms through the enhanced security provided by the TPM module.
* Achieve immediate disaster recovery and platform replacement capability through compatibility with Wave's TCG-based products.
=======================================================
I could go on. nCipher is seriously competitive in managing cryptographic keys --- but their core business is not in managing TPMs or the trusted computing infrastructure. Whether this becomes a trivial or substantial difference is open to question. Others, including SKS, should respond to that question. Until I know more threatening information, I will remain observant, but not concerned. Managing keys is one thing --- using them to provide effective authentication and attestation is another and nCipher's verbiage does not make it very clear what they provide within the TCG and TNC structures.
Hard to tell if they are fighting for a competitive position or fighting for their lives.