nCipher to use ECC in hardware security modules to meet enterprise demand and government requirements
MISSISSAUGA, Ontario – (October 3, 2005)– Certicom Corp. (TSX: CIC) today announced that nCipher has licensed Certicom's intellectual property portfolio to meet customer demand for elliptic curve cryptography (ECC) and also to meet the latest requirements from the National Security Agency (NSA) for securing classified and unclassified government communications. This agreement allows nCipher to use ECC and other related Certicom patents as the public-key security technology in its hardware security modules and software solutions.
Increasingly, corporations and government organizations are using ECC to protect mission critical applications and in turn want ECC keys protected in hardware security modules (HSM)-nCipher's core business. HSMs are used by organizations to protect cryptographic key material from physical or electronic tampering thereby ensuring that an organization's keys are secure and the software security mechanisms themselves are protected. nCipher's unique SecurityWorld™ key management architecture is now able to protect ECC keys throughout their complete lifecycle.
"The adoption of ECC has turned a corner during the past 18 months and is increasingly demanded by many of our customers. This is a sure sign that the market for ECC has matured and is beginning to go mainstream," said Dr Nicko van Someren, chief technology officer at nCipher. "The heightened awareness for security has led to a desire to better understand cryptographic systems. Not only has the NSA recognized the value of ECC, customers too appreciate the value it offers in terms of strength, efficient size and longevity."
nCipher has built its reputation on meeting customer needs and industry standards. The company's HSMs are flexible with support for many application programming interfaces (API) including PKCS #11, and multiple curves from NIST and ANSI, as well as custom curves. nCipher's HSMs are validated to FIPS 140-2 level 3 and nCipher was the second company to receive FIPS 186-2 Validation for ECDSA (Certicom was number one). Now through this agreement with Certicom, nCipher will also meet the complete NSA Suite B requirements.
The NSA specifications-known as Suite B-require ECC for key agreement and digital signatures and the advanced encryption standard (AES) for encryption[1]. Suite B is one of the initiatives undertaken by the U.S. government under its Crypto Modernization Program to promote interoperability while ensuring strong security to protect government communications.
"As a leading player in the security industry, nCipher understands cryptography and the value of ECC," said Ian McKinnon, president and CEO of Certicom. "By supporting the ECC algorithms being used by its customers and by meeting NSA's Suite B requirements, nCipher continues to stay at the forefront of its industry, offering best-in-class security solutions for the government and commercial sectors."
ECC is a computationally efficient form of cryptography that offers equivalent security to other competing technologies but with much smaller key sizes. This results in faster computations, lower power consumption, as well as memory and bandwidth savings, thereby making it ideal for today's resource-constrained environments. Certicom's patent portfolio covers many key aspects of cryptography and ECC in particular, including software optimizations, efficient hardware implementations, methods to enhance the security, and various cryptographic protocols.
nCipher's range of HSMs protects cryptographic keys in a highly secure hardware environment, enabling them to be effectively managed and safely stored. Every nCipher HSM has received an independent FIPS 140-2 security validation, the de facto security benchmark for cryptographic modules.
nCipher currently supports ECC in the nShield™ 800 and netHSM™ 800 model HSMs. The products feature FIPS-validated implementation of ECDSA plus support for ECDH key exchange protocol. nCipher's customers have already successfully deployed ECC-capable HSMs in a variety of security-critical market applications such as ID and passport issuance and digital media distribution. The products are suitable for both use with commercial security applications and the development of custom application logic using CipherTools™ and CodeSafe™ toolkits. nShield 800 and netHSM 800 are available from stock.
About nCipher
nCipher is a leading provider of cryptographic security, enabling our customers to meet the challenges of verifying identity, protecting data and complying with security regulations. nCipher's solutions provide a unified approach to cryptographic management providing strict access controls and high assurance trusted processing, overcoming traditional issues of scalability, performance and weak platform security. The world's leading organizations work with nCipher to protect security critical systems such as web site infrastructure, online banking and payment processing networks, PKI, web services, databases and digital rights management schemes.
nCipher is the winner of the Microsoft Security Solution of the Year award 2004. The company is listed on the London Stock Exchange (LSE:NCH) and is a member of the FTSE TechMARK and index with offices in Cambridge, UK; Boston, Washington, Hamburg and Tokyo. For more information on nCipher, visit www.ncipher.com
About Certicom
Certicom Corp. (TSX:CIC) Certicom Corp. (TSX: CIC) is the authority for strong, efficient cryptography required by software vendors and device manufacturers to embed security in their products. Adopted by the U.S. government's National Security Agency (NSA), Certicom technologies for Elliptic-Curve Cryptography (ECC) provide the most security per bit of any known public-key scheme, making it ideal for resource-constrained environments. Certicom products and services are currently licensed to more than 300 customers including Motorola, Oracle, Research In Motion, Texas Instruments and Unisys. Founded in 1985, Certicom is headquartered in Mississauga, ON, Canada, with offices in Ottawa, ON; Reston, VA; San Mateo, CA; and London, England. Visit www.certicom.com.
For further information, please contact:
For Certicom | ||
Tim Cox | Brendan Ziolo | |
ZingPR | Certicom Corp. | |
(650) 369-7784 | (613) 254-9267 | |
tim@zingpr.com | bziolo@certicom.com |