Certicom Earns FIPS 140-2 Validation on Palm OS

R. A. Hettinga rah at shipwright.com
Wed Nov 12 09:29:52 EST 2003

--- begin forwarded text

Status:  U
Date: Wed, 12 Nov 2003 08:24:28 -0500
To: "Philodox Clips" <clips at philodox.com>
From: "R. A. Hettinga" <rah at shipwright.com>
Subject:  Certicom Earns FIPS 140-2 Validation on Palm OS
Reply-To: "Philodox Clips" <clips at philodox.com>
Sender: <clips at philodox.com>
List-Subscribe: <mailto:clips-on at philodox.com>


   Nov. 12, 2003

Silicon Valley Biz Ink :: The voice of the valley economy

 Certicom Earns FIPS 140-2 Validation on Palm OS

< back

    Security Builder GSE enables developers to quickly add a FIPS 140-2
    validated cryptographic module to their government solutions

    MISSISSAUGA, ON, Nov. 12 /PRNewswire-FirstCall/ - Certicom Corp.
(TSX: CIC), a leading provider of wireless security solutions, today announced
that Security Builder(R) GSE(TM), Certicom's core developer toolkit for
government, has earned the Federal Information Processing Standards (FIPS)
140-2 certification for the Palm OS 4.1 platform (certificate No. 351). This
makes Security Builder GSE the first developer toolkit to provide a FIPS 140-2
validated module for multiple handheld operating systems. In June, Certicom
announced FIPS 140-2 validation on Microsoft Windows and Microsoft Windows CE
operating systems.
    By supporting multiple platforms, Security Builder GSE allows system
integrators and original equipment manufacturers to use a common API to
quickly and easily embed FIPS validated security into their devices and
    Security Builder GSE is the core cryptographic module for all Certicom
security applications which means movianVPN(TM) GSE for Palm and
movianCrypt(TM) GSE for Palm also meet government security requirements. These
products are particularly important to government agencies that need to
securely extend their networks to wireless handhelds but are required to use
only FIPS 140-2 validated applications.
    FIPS is considered a benchmark for security within U.S. and Canadian
government departments and agencies and is becoming a de facto standard
internationally. Products must undergo rigorous testing by an accredited
independent lab to satisfy the governments' standards. FIPS 140-2 is awarded
through the National Institute of Standards and Testing (NIST) and the
Canadian Communication Security Establishment (CSE).
    "We're extremely pleased Certicom has received FIPS 140-2 validation on
the Palm platform. This will now make it easier for government workers to
better integrate their Palm-powered handhelds into their secure networks,"
said John Inkley, director of federal sales for palmOne. "Mobile workers want
more than just secure access to email. They want access to corporate
information and applications too. This validation provides not one, but many
alternative solutions for everything from secure push e-mail to backend
database access and updates. Now users can do it with the confidence that
their security meets the government's most stringent guidelines." Since 1997,
Certicom and Palm have worked together to enable mobile workers to protect
sensitive information with a high level of security, without compromising the
speed and flexibility of wireless devices.
    "Certicom makes it easy for agencies to adhere to the strict security
guidelines mandated by the government while still using the platform of their
choice," said Tony Rosati, Certicom's vice-president, marketing and product
management. "This certification extends our relationship with Palm and
underscores our commitment to provide strong security solutions for multiple
platforms without impacting performance."
    Along with standard cryptography algorithms such as DES, 3DES, AES, SHA-1
and the RSA public key algorithm, Security Builder GSE also includes Elliptic
Curve Cryptography (ECC), a public-key cryptography technique approved by the
U.S. government and many standards organizations including ANSI, IETF, IEEE
and NIST. Last month, the National Security Agency purchased licensing rights
to some of Certicom's ECC intellectual property to protect mission critical
national security information.
    Security Builder GSE is available immediately and is priced with a
license fee and royalties based on the number of devices. For more
information, visit http://www.certicom/gov.

    About Certicom
    Certicom is a leading provider of wireless security solutions, enabling
developers, governments and enterprises to add strong security to their
devices, networks and applications. Designed for constrained devices,
Certicom's patented technologies are unsurpassed in delivering the strongest
cryptography with the smallest impact on performance and usability. Certicom
products are currently licensed to more than 300 customers including Texas
Instruments, Palm, Research In Motion, Cisco Systems, Oracle and Motorola.
Founded in 1985, Certicom is headquartered in Mississauga, ON, Canada, with
offices in Ottawa, ON; Herndon, VA; San Mateo, CA; and London, England. Visit

    Certicom, Security Builder, Security Builder Crypto, Security Builder
SSL, Security Builder PKI, Security Builder GSE, movianVPN, movianCrypt and
movianMail are trademarks or registered trademarks of Certicom Corp. All other
companies and products listed herein are trademarks or registered trademarks
of their respective holders.

    Except for historical information contained herein, this news release
contains forward-looking statements that involve risks and uncertainties.
Actual results may differ materially. Factors that might cause a difference
include, but are not limited to, those relating to the acceptance of mobile
and wireless devices and the continued growth of e-commerce and m-commerce,
the increase of the demand for mutual authentication in m-commerce
transactions, the acceptance of Elliptic Curve Cryptography (ECC) technology
as an industry standard, the market acceptance of our principal products and
sales of our customer's products, the impact of competitive products and
technologies, the possibility of our products infringing patents and other
intellectual property of fourth parties, and costs of product development.
Certicom will not update these forward-looking statements to reflect events or
circumstances after the date hereof. More detailed information about potential
factors that could affect Certicom's financial results is included in the
documents Certicom files from time to time with the Canadian securities
regulatory authorities.

R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

--- end forwarded text

R. A. Hettinga <mailto: rah at ibuc.com>
The Internet Bearer Underwriting Corporation <http://www.ibuc.com/>
44 Farquhar Street, Boston, MA 02131 USA
"... however it may deserve respect for its usefulness and antiquity,
[predicting the end of the world] has not been found agreeable to
experience." -- Edward Gibbon, 'Decline and Fall of the Roman Empire'

The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo at metzdowd.com

More information about the cryptography mailing list