It's broadly accepted that the hardest problem in security in general, and cryptography in particular, is designing products that are sufficiently easy to use that they gain wide public acceptance.
Paul Kocher, president and chief scientist at Cryptography Research, wrote one of the exceptions: Secure Sockets Layer (SSL) version 3, the software best known for securing browser connections.
"SSL is a tremendously successful protocol but an absolute failure, the argument being that it gives the perception of security on devices that really aren't secure in many cases," he said.
Cryptography Research also built the BD+ content protection software embedded in Blu-ray, which was sold on about three years ago. More recently, Kocher has been involved in building an attack-proof multimedia system-on-a-chip to implement content protection. The chip is being licensed by Broadcom for TV set-top boxes.
"My career trajectory began with algorithms. Then I realised they were solved. Then protocols like SSL and then I realised that I wasn't really solving the problem at a grand scale because the software was full of bugs," Kocher explained.
"Then I worked on the software and realised the hardware was horrible underneath. So, the last years I've been working on how to build in security at the chip level. It's the one place where you can't get someone lower down screwing it up."
The video decoding chips licensed to Broadcom are a good example. All content protection software to date, for example the region coding on DVDs or encryption applied to broadcast transmissions, has been successfully defeated by cracking efforts.
"We put it on the hardware because that way you don't need to put restrictions on what the software does. The cable service encrypts it at the head end and it's decrypted into your chip," he said.
"Rogue software is not going to attack it. You're not depending on some number of individuals and organisations to meet your security objective."
It's a business reality that the two largest market segments for cryptography, the ones that are willing to spend money on security as a measurable problem with clear feedback showing success or failure, are anti-counterfeiting and pay TV.
"They're clearly financially motivated. It's not like protecting super-secret information you can get by subscribing. Anyone who breaks it has to distribute the attack in some form, so we know we will find out if we fail," Kocher explained.
Kocher set up Cryptography Research about 15 years ago. The company now has about 50 researchers in San Francisco, about two-thirds of whom are focused on how to build secure semiconductors and on researching how things fail. Other topics of interest include some remaining issues in software and algorithms.