Search: 

Home > About CoreStreet > News and Events > Press Releases > 2003

• The CoreStreet Advantage
• CoreStreet Products
  • Public Key Infrastructure
  • PIVMAN System
  • Physical Access Control
• CoreStreet Solutions
  • Government
  • Business and Industry
  • Identity Services Infrastructure
• About CoreStreet
• Subscribe
• Contact Us
  • Americas
  • APAC
  • EMEA
• Support

Press Release

CoreStreet Releases Real Time Credential Validation Authority; Promises Inexpensive, More Secure Certificate Validation

Standards Compliant Product Uses New Proof Technology to Provide Secure Validation for ID Cards, Laptops, Networks and Other Real World Applications

BOSTON, Massachusetts (June 23, 2003)

CoreStreet, a leading provider of authorization and validation technology, today announced the availability of version 2.5 of its Real Time Credential Validation Authority (RTC VA), an Online Certificate Status Protocol (OCSP) compatible system that promises more secure and cost-effective validation for digital certificates. The RTC VA is built on the Real Time Credential Foundation, a developer framework based on CoreStreet's patented encryption proof technology. The RTC VA is the only OCSP solution that guarantees scalability without sacrificing performance, availability and security.

The RTC VA works by sending small codes – as little as 20 bytes – called “proofs” to establish certificate validation. The proofs can be used to determine the validity of a digital certificate or establish individual privileges or access rights. Unlike previous public key infrastructure (PKI) implementations, the RTC VA does not require secure responders. By eliminating the need for costly security measures such as encryption, server protection, and secure communication lines, the RTC VA greatly reduces implementation and maintenance costs for PKI security.

“Our computing environments are quickly moving from a session-based world to a transaction-based one. This switch puts an enormous strain on security, especially since transactions are much more dynamic than sessions,” said Pete Lindstrom, research director of Spire Security. “Real Time Credentials and the RTC VA make PKI more effective by offering a lightweight and scalable way to secure each transaction.”

“The best way to make a system fast, fail-proof and affordable is to distribute it among many locations,” said CoreStreet President Phil Libin. “Unfortunately, validation technologies of the past were tied to slow, centralized servers. With the RTC VA, we've broken through the distribution limit. Because our validation messages are pre-generated and individually protected, they can be stored on unprotected servers and sent over public lines without giving up any inherent security. The RTC VA is the first product to make ubiquitous validation and authorization truly practical.”

The RTC VA is fully compatible with current security standards such as X.509 digital certificates and OCSP validation protocols. An organization already using PKI products can typically plug in the RTC VA without making any changes to their existing infrastructure.

Benefits of the CoreStreet’s RTC VA include:

• Increased Security—Since certificate status requests go to the responders and not to the authority, the authority does not open itself to inbound traffic and therefore remains protected from external threats and possible software exploits.

• Lower Cost—Since the RTC VA responders do not require secure communication, housing, or operation, the costs of deploying them in a widespread fashion are greatly diminished. Additionally, the technology can be deployed on industry standard Web server platforms, further reducing deployment costs.

• Greater Scalability, Availability, and Survivability—By separating the delivery process from the security of sensitive operations, responders can be located anywhere and in greater numbers. This distributed approach eliminates the danger associated with a single point of failure and allows the system to scale to massive volumes.

• Dynamic Privileges—Unlike older validation technologies, the RTC VA can handle a nearly unlimited number of multiple, independently managed and dynamically updated privileges for each certificate. Privileges can be changed without having to re-issue the certificate.

Patented Proofing Technology

The RTC VA is built on the Real Time Credential Foundation (RTCF). This foundation enables software developers to build applications based on CoreStreet's real time proof technology. At the heart of the RTCF is the concept of self-validating proofs. These proofs enable validation which is fast, efficient, secure, disconnected and, most importantly, without the use of secrets. Since ensuring secrecy is one of the hardest things for a computer or network to do, removing the need for secrecy enables dramatic simplification and cost savings over traditional approaches.

With 14 awarded patents regarding validation technology, CoreStreet continues to bring security, safety and convenience to the security sector by bridging the gap between the physical and digital world. Silvio Micali, CoreStreet's chairman and chief scientist invented the technology over the past eight years. Micali, an MIT professor and world-renowned cryptographer, is known by many as father of the modern theory of proof systems.

About CoreStreet

Bridging the security gap between physical and information security, CoreStreet provides the only secure authorization and validation technology for connected and intermittently connected environments. Combining security, safety and convenience, CoreStreet enables organizations to grant or revoke an individual's access rights to a building, computer network, laptop or wireless devices immediately in real time. The company, headquartered in the Boston area, holds 14 patents with more pending. For more information, visit www.CoreStreet.com.

CoreStreet and Real Time Credentials are trademarks of CoreStreet Ltd.

Copyright © 2008, CoreStreet Ltd. | Legal Notices | Privacy Policy | Glossary | Library | How to Buy | Contact |