COLORADO SPRINGS, Colo. — The National Security Agency has specified elliptic-curve cryptography (ECC) for a wide range of key agreement and digital signature tasks.

Following the lead of a number of European banks and financial institutions, eTrade Financial Corp. on Tuesday announced that it plans to offer its online banking customers the option of using RSA Security Inc.'s SecurID tokens as an added layer of security for online transactions.

This deal makes eTrade the first major financial institution in the United States to offer two-factor authentication to its customers, a service that many security experts and chief security officers in the financial industry see as a necessity if online banking is to continue to expand. Many banks in the U.K. and Europe offer two-factor authentication options for their customers, including a variety of different one-time password solutions.

Microsoft Corp.'s Belgian subsidiary has launched an electronic ID card pilot program and is looking to integrate authentication for e-ID cards into future versions of the MSN Messenger instant messaging service.

Microsoft Belgium on Monday announced a new Electronic ID Early Adopter program. Under the program, Microsoft will be working with local software vendors to develop e-ID-based applications. Microsoft's MSN division will develop one such application—an authentication service for MSN, according to Microsoft officials.

RUSTON, La. (AP) -- The way you type is as unique as your eye color or speech patterns and can be used instead of a password to protect your computer, researchers at Louisiana Tech and Penn State say.

Their discovery will bring Louisiana Tech its first direct royalty income, university president Daniel D. Reneau said in signing a joint licensing agreement with BioPassword Inc. of Issaquah, Wash.

The Los Angeles Times is reporting that the good folks at Macrovision have unveiled a new system that will thwart 97% of existing DVD copying software while maintaining compatibility with existing DVD players.

Macrovision claims that DVD copying results in $1 billion loss for studios out of $27.5 billion in sales. With piracy resulting in only 4% loss, why are the studios making such a big deal? The article also reports (mistakenly) that the market is pressing 100s of billions of DVD annually.

Who's buying all those DVDs?" I'm skeptical of their claims, since historically Macrovision's anti-copying measures have been little more than easily circumvented snake oil, but maybe this time they've got their plan down.

The Liberty Alliance Project on Friday unveiled the public draft release of a framework for identity-based web services.

The latest release of ID-WSF 2.0 is the first of three that will each add greater depth to the identity-management framework. The final specification including all three releases is expected to be available by end of the year.

RSA Security is preparing to deliver a powerful authentication solution for the long-neglected small to medium-sized business (SMB) market. Called the RSA SecurIDR Appliance, the two-factor authentication appliance will be formally announced Thursday. It will be demonstrated at next week's RSA Conference, in San Francisco.

Recently a flaw in two of Microsoft Office’s applications was revealed by a researcher Hongjun Wu from the Institute for Infocomm Research, Singapore. Microsoft’s response to the issue has been rather inadequate; the so called 'RC4 flaw' could allow data to be recovered from files that have version history.

Interview at Techworld.com with Phil Zimmermann:
http://www.techworld.com/security/news/index.cfm?NewsID=3027