Ground breaking implementation for ECDSA will save industry time and money

Mississauga, Ontario (August 17, 2005) – For almost a decade, mathematicians have been researching faster ways to verify the elliptic curve digital signatures algorithm (ECDSA). Today, Certicom Corp. (TSX: CIC), the authority for strong, efficient cryptography, announced it has found a solution. A team of researchers at Certicom has developed a new implementation for ECDSA that reduces the time needed to verify a digital signature by 40 per cent, making it more efficient than open source and other legacy systems.

Referred to as Fast ECDSA Verify, this new implementation is especially relevant for applications such as Check 21 and epassports that need to process large quantities of information efficiently. This new implementation will also have positive implications for those organizations that are using the ECC-based technology recommended by the National Security Agency to protect national security information.

In today's on-line environment, the use of digital signatures is pervasive as users strive to ensure authentication, integrity and non-repudiation: to prove that a particular piece of information has not been tampered with, and that a specific transaction or information exchange did indeed occur. During the course of an electronic transaction, the sender adds a unique signature and the receiver verifies the signature. Certicom's new implementation saves considerable time when verifying a signature, a critically important step in the digital signature process.

"Digital signatures are incredibly important for ecommerce, epassports, smart cards and many other applications-anywhere you need to provide authentication and integrity. Consequently, this improvement to the verification process has far-reaching implications for government and the private sector," said Dr. Scott Vanstone, Certicom founder and EVP strategic technology. "We're very proud of the fact that researchers at Certicom solved this issue. This groundbreaking research underscores Certicom's expertise in ECC and our ongoing commitment to provide strong, efficient security." Certicom is one of the few private sector companies that continues to invest in cryptographic research.

    Fast ECDSA Verify Comparison 
  • Signature generation time--100 ms (millisecond)
  • Traditional ECDSA verification time--221 ms original cost
  • Fast ECDSA verification time --158 ms 40% speed-up

This October, at Certicom's annual ECC conference in Toronto, Certicom's Dr. Robert Lambert will discuss the mathematics behind this latest development. The focus of the three-day conference is the application of elliptic-curve cryptography to solving security issues and meeting government standards. Other headline speakers include executives from Bell Canada, Intertrust, and XM Satellite Radio. For more information, visit www.certicom.com/conference2005.

Backed by 20 years of experience, Certicom is considered a pioneer in ECC research and implementations. The company developed the industry's first toolkit to include ECC, which has since been adopted by over 300 organizations. The Certicom Intellectual Property portfolio, which includes over 300 patents and patents pending worldwide, covers many key aspects of ECC technology, including software optimizations, efficient hardware implementations, methods to enhance the security, and various cryptographic protocols.

About Certicom
Certicom Corp. (TSX:CIC) is the authority for strong, efficient cryptography required by software vendors and device manufacturers to embed security in their products. Adopted by the U.S. government’s National Security Agency (NSA), Certicom technologies for Elliptic Curve Cryptography (ECC) provide the most security per bit of any known public key scheme, making it ideal for constrained environments. Certicom products and services are currently licensed to more than 300 customers including Motorola, Oracle, Research In Motion, Terayon, Texas Instruments and Unisys. Founded in 1985, Certicom is headquartered in Mississauga, ON, Canada, with offices in Ottawa, ON; Reston, VA; San Mateo, CA; and London, England. Visit www.certicom.com.

For further information, please contact:

Investors and Analysts Media  
Hervé Séguin Brendan Ziolo  
Chief Financial Officer Director of Marketing  
(905) 501-3827 (613) 254-9267  
hseguin@certicom.com bziolo@certicom.com
Certicom, Certicom Security Architecture, Certicom CodeSign, Security Builder, Security Builder BSP, Security Builder API, Security Builder Crypto, Security Builder IPSec, Security Builder SSL, Security Builder PKI, Security Builder NSE and Security Builder GSE are trademarks or registered trademarks of Certicom Corp. All other companies and products listed herein are trademarks or registered trademarks of their respective holders.
Except for historical information contained herein, this news release contains forward-looking statements that involve risks and uncertainties. Actual results may differ materially. Factors that might cause a difference include, but are not limited to, those relating to the acceptance of mobile and wireless devices and the continued growth of e-commerce and m-commerce, the increase of the demand for mutual authentication in m-commerce transactions, the acceptance of Elliptic Curve Cryptography (ECC) technology as an industry standard, the market acceptance of our principal products and sales of our customer’s products, the impact of competitive products and technologies, the possibility of our products infringing patents and other intellectual property of fourth parties, and costs of product development. Certicom will not update these forward-looking statements to reflect events or circumstances after the date hereof. More detailed information about potential factors that could affect Certicom’s financial results is included in the documents Certicom files from time to time with the Canadian securities regulatory authorities.