Çetin Kaya Koç - Technology


Technology Development

Since 1988, I have been developing cryptography and information security technologies and products. Over the years, I contributed to nearly 20 products in the marketplace. Particularly, I worked on some early and highly successful security toolkits and products such as BSAFE (RSA Security), CDSA (Intel), and the first few (non-commercial) versions of PGP secure email.


CryptoCode, founded in 2003, is a technology company located in Santa Barbara, California, specializing in cryptographic engineering research and development. CryptoCode develops cryptographic hardware and software, analyzes, evaluates and reports on cryptographic products, and also offers on-site or off-site training programs in cryptographic engineering.

Furthermore, CryptoCode also analyzes and reports on the content and scope of intellectual property, patents, and prior art in security and cryptography, and offers legal consulting and expert witness services.

CryptoCode has experience and knowledge in security and cryptography accumulated over two decades. CryptoCode has particular expertise in development of secure (resistant to side-channel attacks), highly-optimized, algorithm-rich and platform-specific cryptographic code in ASM, C, C++, Java, VHDL, and Verilog.

In addition to cryptographic products, CryptoCode also develops IP cores for audio and video encoding and decoding (SBC, AAC, MPEG) and error-correcting codes (BCH, RS).

Over the years, CryptoCode developed several hardware and embedded software IP cores, which are available for immediate delivery, and develops new IP cores, and performs customization services according to the specifications and requirements of its customers. The CryptoCode website CryptoCode.com has the details.

Claveo Project

The primary purpose of the Claveo Project was to develop secure authentication technologies that:
  • are somewhat transparent to the user,
  • are based on strong cryptographic (RSA & AES) algorithms,
  • utilize certain properties of mobile phones, such as physical uniqueness.

The Claveo Project Phase 1 proposal received an NSF SBIR award in 2012, and a demo project was developed using the funds from this source. The demo was intended to show that a user can more securely login to her electronic bank account with the help of the Claveo Protocol, running between the Bank's Server, the Claveo Server, and the Claveo Mobile App running on the user's smart phone.

The current focus of the Claveo Project Group is on the architectural, cryptographic, and usability properties of general-purpose authentication protocols.

The second phase of the Claveo Project started in March 2015. The Claveo Project Phase 2 aims beyond the simple user-server-phone communication paradigm. We are now developing much stronger and more flexible versions of authentication technologies that:

  • are completely transparent to the user,
  • are spontaneous, i.e., works without external stimuli,
  • are based on strong elliptic curve cryptograpy,
  • utilize several properties of participating mobile & wearable devices and tokens.
The protocol relies on computational and physical properties, such as: Presence or Nearness, Active or Passive Participation, Physical Uniqueness, and Cryptographic Engine. As new protocols are developed and their implementations are realized, we will publish technical reports and create demo applications, and announce them in the Claveo web site: Claveo.com.