Symantec unveils new SSL algorithms and web security products
Symantec unveiled new updates to its Website Security Solutions portfolio with capabilities to meet the increasing security and performance needs for connected businesses. The end result is to deliver trusted shopping, trusted advertising and trusted applications for businesses and their customers.
The company also announced the first available multi-algorithm SSL certificates with new ECC and DSA options. These offerings will help organizations protect their web eco-systems and strengthen the foundation of trust online.
Symantec is the first CA to offer commercially available SSL certificates using Elliptic Curve Cryptography (ECC) and Digital Signature Algorithm (DSA). ECC is currently scheduled to be available in Symantec Managed PKI for SSL first half of 2013. Based on internal testing, ECC advancements deliver the following advantages:
- Greater security as Symantec ECC will be 10,000 times harder to break than an RSA 2048-bit key based on industry computation methods. Symantec 256-bit ECC certificates offer the equivalent security of a 3072-bit RSA certificate.
- Improved server performance during peak loads with the ability to process more requests per second with lower CPU utilization, which becomes more important as mobile and tablet adoption place increasing demands on web infrastructure.
- Improved server-to-desktop performance and response time. Internal testing showed a server with an RSA certificate handled 450 requests per second with an average response time of 150 milliseconds to the desktop clients. The server with an ECC certificate under the same conditions netted an average response of just 75 milliseconds.
ECC delivers scalability to handle the demands of online interactions across billions of connected endpoints, enabling organizations to make greater gains in their online information sharing, cloud services and global ecommerce initiatives. For end users, improved computational performance and enhanced infrastructure utilization increase their overall productivity for a more favorable experience.
Symantec Secure App Service delivers an industry first in offering a hosted code-signing service for companies and app stores to secure their third-party or company-owned applications. This new cloud-based service assures users the application they are using is trusted and authenticated and has not been maliciously tampered with.
For the app developer, the Secure App Service provides full audit and reporting capabilities to track activity for better control and protection. Available today with a SOAP API for integration within the enterprise environment, Secure App Service is scheduled to be available this summer with a full management GUI.