Dated June 20, 2000
Business Line, Pune

An agreement has been signed between the Indian Institute of Science (IISc.), Bangalore, and the Pune-based Centre for Development of Advanced Computing (C-DAC), for the development of Internet security project.

The project focuses on design and development of core technologies essential for ensuring security, authenticity, integrity and non-repudiation of information flow on public networks, Shri. R.K. Arora, Executive Director, C-DAC to Business Line.

Mr. Arora said that some of the major products planned for development under this program include C-DAC's Virtual Private Network (C-VPN), C-DAC's crypto package (C-Crypto) and prototype eCommerce application as technology demonstrator for C-VPN and C-Crypto.

He added that the project was likely to be completed by this fiscal year end. The technologies to be developed under this project are of a non-specific nature and are applicable for any information transfer over networks.

He pointed out that the best cryptography product which is currently available globally is BSAFE Crypto C package of RSA Inc., US. This product meets all the requirements of the C-VPN project. He noted that the US export control regulation on any cryptographic packages to India precludes availability of the above package or its equivalent in the country.

Mr. Arora said that what is considered as strong encryption (greater than 40 bit keys for symmetric key cryptosystems and greater than 512 bit keys for public key cryptosystems) is unlikely to be available for import into the country in the future too.

For the eCommerce transactions a minimum of 1024 key bit encryption was required while for defence purposes required 2,048 key bit. Mr. Arora said that for this project, cyber authorities or depositories would have to be set up who would be given the enabling powers of discretion.