Security toolkit provides FIPS-validated algorithms and support for more than 30 platforms

MISSISSAUGA, Ontario (September 16, 2003) – Certicom Corp. (TSX: CIC), a leading provider of wireless security solutions, today announced the availability of Security Builder® Crypto™ 4.0. This new version of Certicom’s cross-platform cryptographic toolkit includes support for standard-based algorithms, including FIPS-validated algorithms, and support for more than 30 platforms. Security Builder Crypto is designed for developers who need to incorporate encryption, public keys and other security mechanisms over disparate platforms without compromising performance. 

New to Security Builder Crypto 4.0 is support for the Microsoft® Smartphone operating system and Microsoft Windows® CE.Net 4.0 and Itanium (Linux and Windows) platforms. It also includes the addition of FIPS-validated algorithms (considered a benchmark for security by government departments), SHA-2, and uncompressed point Elliptic Curve Cryptography (ECC) public-keys. 

Security Builder Crypto -- which features the core cryptography technology on which the other Certicom developer toolkits and movian™ security applications are built -- continues to be optimized for resource-constrained devices. It is the first toolkit to include standards-based ECC implementations that provide smaller key sizes with a higher strength-per-bit than any other public key today. 

As Advanced Encryption Standard (AES) becomes more widely adopted, efficient public key sizes become an increasingly important consideration. As well, this version includes additional optimizations for MD5, RC4, and RSA. 

Although the FIPS-validated algorithms were a key requirement when LRW Digital (www.lrwdigital.com) recently shopped around for a security toolkit—they were not the only one. LRW Digital provider of off-the-shelf solutions that enable organizations to better secure and manage their wireless devices, also needed a toolkit that supported many platforms and could provide strong security even on resource-constrained devices such as personal digital assistants. They chose Security Builder Crypto since it offers them the level of security they need with minimal integration effort. 

“While the FIPS validation enables our applications to meet strict government requirements, it was Certicom’s expertise that gave them the edge over competing solutions. Using their toolkit, we provide strong security to our customers without compromising performance, even on resource-constrained devices,” said Lowell Kasden, director of marketing and product development at LRW Digital. “Certicom’s experience in cryptography, embedded systems and efficient implementations made them the ideal choice for us. By using Security Builder Crypto, we were able to deliver a flexible, strong and FIPS-validated product to market quickly.”

“Certicom is committed to providing products that address today’s most important security issues. This newest version of Security Builder Crypto underscores that commitment,” said Tony Rosati, vice-president, marketing and product management at Certicom. “Not only does it provide security tools that meet the U.S. Government’s strictest requirements, it enables customers to integrate security across multiple platforms, supporting the diverse needs of their users.”

Security Builder Crypto Benefits and Features

  • Wide interoperability: compliance with FIPS, ANSI, and IEEE standards, and a wide range of algorithms including ECC, RSA, Diffie-Hellman, SHA-1, and AES;
  • Small and fast: optimized for constrained platforms such as ARM and Texas Instruments OMAP, the full cryptographic suite of algorithms within Security Builder Crypto can also be used in desktops and servers;
  • Better performance in resource-constrained devices: as AES replaces older security algorithms, public-key sizes must be increased to provide equivalent strength for AES. ECC provides smaller key sizes with a higher strength-per-bit than any other public key available today; and
  • Improved ROI: the same API for more than 30 platforms means Security Builder Crypto can be easily integrated into applications with no porting required. Some of the platforms supported include AIX, ARM7/9/StrongARM, HP UX, FreeBSD, Linux (x86, SA1110, Itanium, Mac OS, Netware, Palm, RIM, Solaris (x86, SPARC), Symbian, Wind River VxWorks, Windows (x86, Itanium), Windows CE.
    Other toolkits in the Security Builder by Certicom Suite include Security Builder® GSE (a FIPS 140-2 validated cryptographic module), Security Builder® PKI™ (formerly Trustpoint PKI Toolkit, a digital certificate management toolkit), and Security Builder® SSL™ (formerly SSL Plus, a complete Secure Socket Layer protocol toolkit).

Pricing and Availability
Security Builder is available immediately with pricing for developer and distribution licenses. To view a detailed list of supported algorithms and platforms, please visit: www.certicom.com/securitybuilder.

About Certicom
Certicom is a leading provider of wireless security solutions, enabling developers, governments and enterprises to add strong security to their devices, networks and applications. Designed for constrained devices, Certicom’s patented technologies are unsurpassed in delivering the strongest cryptography with the smallest impact on performance and usability. Certicom products are currently licensed to more than 300 customers including Texas Instruments, Palm, Research In Motion, Cisco Systems, Oracle and Motorola. Founded in 1985, Certicom is headquartered in Mississauga, ON, Canada, with offices in Ottawa, ON; Herndon, VA; San Mateo, CA; and London, England. Visit www.certicom.com.

Certicom, Security Builder, Security Builder Crypto, Security Builder SSL, Security Builder PKI, Security Builder GSE, , movianVPN, movianCrypt and movianMail are trademarks or registered trademarks of Certicom Corp. All other companies and products listed herein are trademarks or registered trademarks of their respective holders.

Except for historical information contained herein, this news release contains forward-looking statements that involve risks and uncertainties. Actual results may differ materially. Factors that might cause a difference include, but are not limited to, those relating to the acceptance of mobile and wireless devices and the continued growth of e-commerce and m-commerce, the increase of the demand for mutual authentication in m-commerce transactions, the acceptance of Elliptic Curve Cryptography (ECC) technology as an industry standard, the market acceptance of our principal products and sales of our customer’s products, the impact of competitive products and technologies, the possibility of our products infringing patents and other intellectual property of fourth parties, and costs of product development. Certicom will not update these forward-looking statements to reflect events or circumstances after the date hereof. More detailed information about potential factors that could affect Certicom’s financial results is included in the documents Certicom files from time to time with the Canadian securities regulatory authorities. 

For further information, please contact: 

Tim Cox Brendan Ziolo
ZingPR Certicom Corp.
(650) 369-7784 (613) 254-9267
tim@zingpr.com bziolo@certicom.com