Compaq Secures Wireless e-Mail

SAN JOSE, Calif. – Compaq Computer Corp. is readying a number of security enhancements for its iPaq device including an embedded feature to lock down wireless e-mail.

The technology, dubbed Multiprime, uses an extension to the algorithm from RSA Security Inc. built into the handheld device that allows for secure messaging with little computing overhead, according to Bob Dennis, manager for new business development, Internet and e-commerce security, in Compaqs security products group.

“It will be transparent to the user,” Dennis said.

Dennis showed a prototype of Multiprime at the RSA Conference 2002 here which indicated significant improvement in performance with the embedded technology over traditional wireless cryptography methods. While Multiprime appears to allow secure access to e-mail on the iPaq with little delay, a similar test of 1,024 key cryptography on a Palm device “ran the battery dead,” Dennis said.

Multiprime, which is the result of development targeting wireless transactions for government, is still in tests, but should be available in about a month, he said.

At the conference, Houston-based Compaq demonstrated a number of other security enhancements to Microsoft Corp.s PocketPC operating system designed to improve the security of data on handhelds as well as the devices themselves.

Among the improvements is a replacement of PocketPCs simple four-character access password with a nine-character alpha-numeric version. In addition to being more difficult to guess, the password feature cannot be defeated by rebooting the device and it allows a user only three guesses at the password before erasing all of the data in the devices memory.

Legitimate users who lose data inadvertently can reset their handhelds by linking with their host system, officials said.

Compaq has also modified the PocketPC OS to forbid linking the devices to anything but an approved host machine, such as a PC. The safeguard will prevent the iPaq and other PocketPC devices from being used for unauthorized transport of corporate data, officials said.

The security enhancements for the Pocket PC come on a CD and any Pocket PC device can be upgraded to the higher level of protection, officials here said. The enhancements are pending certification with the British military and NATO and are available in Europe now. They will be released in the U.S. when the certification process is complete, according to Compaq officials.

The work mirrors work Compaq is doing to bolster security on Windows desktops. Among the PC improvements are tools to restrict the connection of devices like CD burners and modems to desktops. The enhancements are available now for machines running Windows NT and Windows 2000. Security enhancements for Windows XP are due in the coming weeks, officials said.