Strength of elliptic curve cryptography meets government and commercial security requirements

MISSISSAUGA, ON (Apr 10, 2007)-Certicom Corp. (TSX: CIC) today announced a partnership with nCipher (LSE: NCH) to provide Certicom's Suite B Power Bundle products for nCipher hardware security modules (HSMs). This will allow nCipher and Certicom customers to quickly comply with the U.S. government's Suite B specifications. The need for stronger security is driving the demand for elliptic curve cryptography (ECC), which is recommended by the U.S. government and is also being adopted by industry to protect valuable information.

ECC is a computationally efficient form of cryptography - an essential building block in security applications - that offers equivalent security to other competing technologies but with much smaller key sizes. This efficiency results in faster computations, lower power consumption, as well as memory and bandwidth savings, thereby making it ideal for today's servers and enterprise applications. Because of this efficiency, organizations can meet growing security requirements, and reduce the number of servers required to manage the cryptographic keys. For example, depending on the hardware platform used, ECC can provide better than a 10:1 performance advantage over RSA and reduces the number of servers required by 7.5:1.

"By offering an ECC-enabled HSM with Certicom's Suite B Power Bundle software tools customers can easily adopt best practice and use hardware to protect their ECC applications as well as having access to the most advanced key management tools available," said Dr Nicko van Someren, chief technology officer at nCipher. "The partnership with Certicom ensures that our customers will have the most efficient and secure implementation of ECC available and be compliant with the latest government standards."

ECC is used in a growing number of sectors ranging from consumer electronics, wireless devices and semiconductors to government and financial services. In 2005, The National Security Agency's (NSA) recommended ECC as the public-key cryptosystem to protect classified and unclassified government communications. These recommendations, known as Suite B, are part of an initiative to upgrade the security infrastructure of the government's communications to meet present and future security needs.

"ECC security technology meets the demanding requirements of many customers, including the U.S. government," said Bernard Crotty, president and CEO of Certicom. "The nCipher partnership provides our government and enterprise customers with a range of deployment options allowing them to develop end-to-end ECC solutions with the highest performance implementations available and hardware protection from the most trusted name in the market."

Under the agreement, nCipher will provide the first high-speed ECC-enabled HSMs on the market and Certicom will provide Suite B software tools for developing complete ECC applications.


nCipher protects critical enterprise data for many of the world's most security-conscious organizations. Delivering solutions in the fields of identity management, data protection, enterprise key management and cryptographic hardware, nCipher enables businesses to identify who can access data, to protect data in transit and at rest, and to comply with the growing number of privacy-driven regulations. nCipher plc is listed on the London Stock Exchange (LSE:NCH). www.ncipher.com


Certicom protects the value of your content, applications and devices with government-approved security. Adopted by the National Security Agency (NSA) for classified and unclassified government communications, Elliptic Curve Cryptography (ECC) provides the most security per bit of any known public-key scheme. As the undisputed leader in ECC, Certicom security offerings are currently licensed to more than 300 customers including General Dynamics, Motorola, Oracle, Research In Motion and Unisys. Founded in 1985, Certicom's corporate offices are in Mississauga, ON, Canada with worldwide sales and marketing headquarters in Reston, VA and offices in the US, Canada and Europe. Visit www.certicom.com

Certicom, Certicom ECC Core, Certicom Security Architecture, Certicom Trust Infrastructure, Certicom CodeSign, Certicom KeyInject, Security Builder, Security Builder API, Security Builder BSP, Security Builder Crypto, Security Builder ETS, Security Builder GSE, Security Builder IPSec, Security Builder MCE, Security Builder NSE, Security Builder PKI and Security Builder SSL are trademarks or registered trademarks of Certicom Corp. All other companies and products listed herein are trademarks or registered trademarks of their respective holders. Information subject to change.
Except for historical information contained herein, this news release contains forward-looking statements that involve risks and uncertainties. Actual results may differ materially. Factors that might cause a difference include, but are not limited to, those relating to the acceptance of mobile and wireless devices and the continued growth of e-commerce and m-commerce, the increase of the demand for mutual authentication in m-commerce transactions, the acceptance of Elliptic Curve Cryptography (ECC) technology as an industry standard, the market acceptance of our principal products and sales of our customer's products, the impact of competitive products and technologies, the possibility of our products infringing patents and other intellectual property of fourth parties, and costs of product development. Certicom will not update these forward-looking statements to reflect events or circumstances after the date hereof. More detailed information about potential factors that could affect Certicom's financial results is included in the documents Certicom files from time to time with the Canadian securities regulatory authorities.