Cypherspace Internet Security
Cypherspace Internet Security is an applied cryptography consulting
company.
Types of cryptography related work Cypherspace Internet Security
team will undertake:
design, review, implement:
- strategic security and cryptography technology advice
- support for open-source cryptographic libraries
- design of cryptographic protocols
- advising on cryptographic protocol and standard selection
- advising on cryptographic library selection
- reviewing existing cryptogaphic protocol designs
- review cryptographic related implementations for correctness
against specifications, or against stated security
objectives
- web security components: implement and debug,
and advise on module selection
- implement cryptographic related software, to your design or
combine with protocol design services based on requirements
product accreditation related:
- assist attaining Common Criteria (CC) certification
of software products
- assist attaining FIPS-140-1 and 2 certification of
software products
past work, cypherspace team members have:
- written parts of cryptlib cryptographic library
- implemented extensions to openSSL
- custom protocol design, implementation in java and C
- speed and size optimized cryptographic construct
implementation for driver level encryption software
(for company selling product suite used by a number of fortune
100 companies)
- elliptic curve crypto library work and protocol design
- perl cryptographic implementation and debugging third party
software
The work ranges from 10,000 line plus library code, writing CC
Security Target documentation and providing a consultant as technical
contact for accreditation, to a few hours well placed advice for
programmers trying to coax buggy crypto software to inter-operate.
Over the last 5 years we have worked on dozens of projects, to date
all have been through word of mouth (this web page is a recent
addition).
Our wealth of experience with diverse cryptography related systems
often means we have answers to what appear tough problems ready to
hand. Experience with system weaknesses and the cryptographic
literature means protocols we design use proven constructs, and avoid
re-introducing known flaws and common traps for the unwary.
contact: