By GARY NORRIS
TORONTO (CP) - Certicom Corp. (TSX:CIC) is in the "prime sweet spot"
to exploit decades of future data-security spending as information
technology adopts cryptography in which it is "the undisputed world
leader," the company's CEO said Thursday.
Elliptic curve cryptography - ECC - an encoding technique based on the
algebraic structure of elliptic curves, is benefiting from "an
evolutionary generational shift" away from RSA, a long-dominant public
key cryptography standard named from the initials of its developers and
based on mathematical manipulation of prime numbers, Ian McKinnon told
Certicom's annual meeting.
The U.S. National Security Agency last year established ECC as the
standard for protecting unclassified government data, following its
earlier adoption for classified information, McKinnon noted.
"We're already seeing this watershed decision drive adoption in the
private sector," he said, adding that it "will help ensure ECC adoption
and Certicom's growth for many decades to come."
Certicom predicts a $6-billion ECC-related market over the next five
years, in operating systems, routers, databases and browsers as well as
newer applications such as mobile devices, sheltering video and other
media content, and securing factory-automation networks.
"When we say ECC is everywhere, we really mean it," McKinnon said.
The Mississauga, Ont.-based company has more than 350 patents and files
15 to 20 new ones annually, McKinnon said, and "it's very, very
difficult to implement and deploy an ECC-based solution without using
technology that Certicom has been fortunate to have in its portfolio."
Asked why the company remains unprofitable - it lost US$1.2 million on
revenue of $4.7 million in the May-July quarter - he cited a strategic
decision to avoid "lumpy" one-time deals.
"We could make this company profitable on any given quarter by taking a
large one-time royalty buyout," he said.
Instead, multi-year recurring-revenue contracts, along with
time-consuming product licensing design for specific customers, "will
provide more consistent and predictable revenue."
Certicom, with no debt and US$42 million in cash after an equity issue
in August, is looking for acquisitions in the "very highly fragmented"
data security industry, McKinnon said.
Management is also aware that Certicom could be vulnerable to a takeover
bid based on its current share value "versus the value of where we
believe we can take the company over the next few years," he said.
"We're not aware that we're targeted" for any takeover, he told
stockholders, and "I can assure you that your company is not for sale."
RSA has recently been acquired for US2.1 billion by EMC Corp., a
U.S.-based maker of data storage systems. EMC has also agreed to pay
US$175 million in cash to acquire privately held security information
company Network Intelligence Corp.
Certicom stock traded Thursday at C$6.18, closing nine cents higher on
the TSX session and down from $6.55 in the August bought-deal financing,
with a 52-week range between $8.75 and $5.09.
The company's patents give it high barriers to entry in "a very complex
field from a mathematics perspective," McKinnon said.
"We don't see another algorithm, if you will, coming up behind us"
while ECC displaces RSA, which been the field's main technology since
the early 1980s.
"It takes years for a technology like ECC to be studied and researched
and accepted," he said, but "when you've got that incumbent position -
and the RSA algorithm really verified this - you're there for not just
years but decades."
McKinnon said Certicom is not currently involved in any patent
litigation, concentrating instead on settlements based on "standard,
fair, reasonable commercial terms."
That said, "ultimately we will defend our patents," and part of the
rationale of the recent stock issue was to provide a war chest for legal
Visit the InfoSec News store!