Certicom Security Architecture Earns FIPS 140-2 Validation

Thursday 26 May 2005 09:44 CET | News

With the recent FIPS 140-2 validation of Security Builder GSE-C, Certicom Corp enables companies to add government-approved security to their products without undergoing the time-consuming and costly Federal Information Processing Standards (FIPS) process as set out by the National Institute of Standards and Technology (NIST).

Security Builder GSE includes the first FIPS 140-2-validated security module to include several elliptic-curve cryptography (ECC)-based algorithms such as Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Menezes-Qu-Vanstone (ECMQV) for key agreement, and the FIPS 186-2-validated elliptic-curve digital signature algorithm (ECDSA) for authentication. It supports the leading mobile and server platforms and includes cryptography implementations to help companies adopt the National Security Agency (NSA) Suite B public-key recommendations. For the past few years, the U.S. government (through the NSA) has given its nod to elliptic-curve cryptography-based security schemes. With the recently announced NSA Suite B recommendations and entry into the FIPS validation process, ECC is poised to become the dominant public-key cryptography used to protect U.S. government information. By using ECC-based algorithms now, companies get a jump-start on meeting the governments new recommendations. FIPS 140-2 validation is considered a benchmark for security in government. It assures users that a specific security technology has passed rigorous testing under the CAVP (Cryptographic Algorithm Validation Program) and CMVP (Cryptographic Module Validation Program) by an accredited third-party laboratory, and can be used to secure sensitive information. Security Builder GSE acts as a software-based cryptographic provider within the Certicom(R) Security Architecture - a comprehensive, modular and portable solution designed to allow developers to quickly and cost-effectively embed security into applications, and across multiple families and generations of devices. The modular architecture allows the higher level toolkits, SSL, IPSec and PKI to utilize the Security Builder GSE module in FIPS mode. A common application programming interface (API) unifies Certicoms modules to create a plug-and-play security architecture.

Free Headlines in your E-mail

Every day we send out a free e-mail with the most important headlines of the last 24 hours.

Subscribe now

Keywords: ,
Categories: Payments & Commerce | Payments General
Countries: World
This article is part of category

Payments & Commerce

Industry Events