Certicom's VoIP security product will be based on select modules from its mature suite of embedded security software. Certicom pioneered eliptical curve cryptography, said to reduce processing requirements compared to older algorithms -- a characteristic especially desirable in resource-constrained embedded devices, it says.

Certicom says that security risks related to VoIP and FMC are not yet well understood. However, it believes the strong authentication, secure key management, and "trusted boot" capabilities provided by VoIP-tailored versions of its basic security modules can do much to help preempt attacks on FMC systems, including both IMS and UMA systems (Internet multimedia subsystems, and unlicensed mobile access, respectively).

Certicom "Security Builder" modules expected to be available as part of its VoIP offering include:

• ETS (embedded trust services)
  
• CodeSign (for secure firmware updates)
  
• BSP (board support package)
  
• SSL
  
• IPSec
  
• GSE
  
• Crypto

Rick Pitz, product manager, stated, "Manufacturers of VoIP devices need to provide multi-level protection that doesn't significantly impact performance."

Certicom's VoIP security suite will support Windows XP Embedded, Windows CE 5.0, and Windows Mobile 5.0, among other OSes, a spokesperson confirmed.

Availability

Certicom Security for VoIP will reach availability this quarter, with support for a wide range of hardware architectures and operating systems, the company says. Pricing will be based on the number of architectures and OSes required, and may include developer licenses, royalties, support, and services.

---

Related Stories:

• Toolkit adds security to .NET CF apps
  
• Primer on elliptical curve cryptography
  
• Embedded-oriented SSL, SSH suite launches
  
• Making the case for embedded digital rights management
  
• Secure WiFi client stack supports Windows CE
  
• Security software, hardware vendors eyeing device market
  
• Third generation mobile IP telephony gains security, supports Pocket PC