Background

Chiron Software has researched and developed revolutionary techniques for encryption based products. Having studied the demands of the market place, we have started to deliver the first in a range of generic products aimed at meeting these specific needs.

The task of producing the specification enabled Chiron Software to review the Corporate Policy of Customers with respect to data protection. This highlighted that the problem is current for many organisations and there were in particular, three areas of concern, namely

1. How to address the different needs of each department
2. How to understand the ways in which current products could meet these demands
3. How to prioritise and justify deployment of solutions

There are many products available in the data protection market which attempt to address the problems. For the most part, PC-based products lack speed and/or strength and/or flexibility, whilst others are tailored to specific demands and cannot be readily adapted as a solution for differing needs.

The market has been led to believe that block ciphers are the only safe way of protecting data; that stream ciphers have inherent weaknesses. In today's high speed world, the use of block ciphers has created an unacceptable situation where the user must suffer frustrating delays through the known lack of speed of these encryption methods, or pay the premiums for achieving required speeds electronically.

Chiron Software has developed unique techniques in algorithm design and authentication methods to provide fast, safe and flexible solutions to these problems.

For the first time, the whole data communication market can be addressed by these techniques. The flexibility of Chiron Software's technology means that virtually any application can be protected.

Security of data does not necessarily mean encrypting everything - often this can be counter productive. Access Control or Authentication can play significant roles in environments which are otherwise secure and obviously there are environments which can demand a mixture of both.

The selection of protection in certain industries can be achieved from risk analysis of both the threat and the potential loss assessment, in much the same way as any insurance analysis. There are, however, areas where such analysis has to be relatively subjective, such as preventing access to confidential information categorised under criminal rather than civil law. There are a significantly growing number of cases where a corporate's auditors are demanding protection in specific areas, such as telephone links. They take the view that a lack of historic attacks on a given user does not predict a safe future in this respect.

In these cases it can often be useful to determine the cost of such protection by cost effective tailoring of technology to match the problem rather than assessing proprietary solutions which may be a best compromise solution. Obviously the latter could provide the best solution, but with a limited availability of such solutions the former approach has its attractions.