RSA BSAFE(TM) CRYPTO-C ALGORITHMS GAIN NIST
CERTIFICATION
Certification Facilitates Streamlined Procurement and Deployment of RSA's
Security Technology
SAN MATEO, Calif., March 24 /PRNewswire/ -- RSA Data Security,
Inc., a wholly owned subsidiary of Security Dynamics Technologies, Inc.
(Nasdaq: SDTI), today announced that three key algorithms -- DES,
SHA-1, and DSA -- implemented in its BSAFE(TM) Crypto-C security
software development product have been awarded Federal Information
Processing Standard (FIPS) algorithm conformance certification by the
National Institute of Standards and Technology (NIST). As a result, the
more than 400 licensees of BSAFE Crypto-C will be able to utilize the FIPS
approved DES, SHA-1, and DSA algorithms within BSAFE Crypto-C
version 4.11 to quickly obtain FIPS 140-1 certification for their applications.
This certification removes significant procurement and technology
deployment barriers for third parties that develop and sell secure software
applications to the U.S. government agencies. "NIST accreditation is
recognized as a major benchmark for security testing around the world, and
it is a significant milestone for RSA to achieve certification," said Scott
Schnell, senior vice president of marketing for RSA and Security Dynamics
Technologies. "RSA partners using BSAFE Crypto-C software and selling
to the government now can benefit from having a pre-certified cryptographic
module within their application." "We are pleased to be working with a
partner such as RSA that makes high quality and reliability a key priority,"
said Rich Fabbre, TRW Defense Travel System Program Manager. "RSA's
NIST certification signifies this commitment."
The FIPS 140-1 standard covers implementations of cryptographic modules
including hardware components, software programs, computer firmware, or
any combination thereof. The cryptographic modules that comply with the
standard are deemed to employ cryptographic algorithms, cryptographic key
generation algorithms and key distribution techniques, and authentication
techniques that have been FIPS approved for protecting Federal
Government unclassified information. Since June 1997, all federal agencies,
including defense agencies, that use cryptographic-based security systems to
protect sensitive unclassified information within computer and
telecommunication systems, including voice systems, are required to
purchase products that conform to the NIST FIPS 140-1 standard
(www.csrc.nist.gov/fips/). "Receiving this certification for RSA's
implementation of these algorithms in such a widely used software
development kit provides a solid foundation for industry development of
cryptographic products," said Miles E. Smid, chief of the computer security
division at NIST. "We look forward to continued successful collaborative
work with RSA in helping build quality products in which users can have
confidence."
About DES, DSA and SHA-1
The Data Encryption Standard (DES) describes the data encryption
algorithm (DEA) and is one of the best known and most widely used
symmetric algorithms in the world. DES is a symmetric block cipher that
uses a 56-bit key to encrypt and decrypt data. When used for
communication, both the sender and receiver must know the same secret
DES key and provide a separate secure channel for communicating the DES
key from the sender to the receiver. DSA (Digital Signature Algorithm),
issued in 1994, is one of the approved digital signature algorithms for the
U.S. Government. The SHA-1 secure hash algorithm is a hash function that
takes a large message or document and produces a 160-bit digest of the
message which is used in the mathematical construction of a digital signature.
SHA-1 is a revision to SHA that was published in 1994.
About BSAFE Crypto-C
BSAFE(TM) Crypto-C software is one of the world's best-selling
cryptography engines and provides software developers with multiple
algorithms and modules for adding encryption and authentication features to
applications. BSAFE Crypto-C software includes modules for popular
security encryption techniques, such as RSA, DES, RC2, RC4, and Elliptic
Curve Cryptography (ECC), and also supports digital signatures and
certificates.
RSA Data Security, Inc.
RSA Data Security, Inc., a wholly owned subsidiary of Security Dynamics
Technologies, Inc., is a leading supplier of software components that secure
electronic data, with more than 400 million copies of RSA encryption and
authentication technologies installed worldwide. RSA technologies are part
of existing and proposed standards for the Internet and World Wide Web,
ISO, ITU-T, ANSI, IEEE, and business, financial and electronic commerce
networks around the globe. RSA develops and markets
platform-independent security components and related developer kits and
provides comprehensive cryptographic consulting services. RSA can be
reached at rsa.com.
NOTE: RSA, RSA Data Security, Inc., and BSAFE Crypto-C are
trademarks of RSA Data Security, Inc. All other products and companies
mentioned herein may be trademarks of their respective holdings and are
hereby recognized. SOURCE RSA Data Security, Inc.
NYSE/AMEX delayed 20 min. NASDAQ delayed 15 min.
|
