Certicom Security Brings FIPS 140-2 Certification, ECC Performance
Advantages to Nortel Application Server 5300
MISSISSAUGA, ON, Sept. 29 /CNW/ - Nortel(TM) has licensed security
technology from Certicom (TSX: CIC) to enhance cryptographic performance and
simplify creation of FIPS 140-2 certified applications with its newest Unified
Communications platform for U.S. Federal Government agencies.
This includes Certicom's Suite B Power Bundle with Elliptic Curve
Cryptography (ECC). Nortel plans to integrate Certicom ECC algorithms into its
Application Server 5300, bringing this open, Session Initiation Protocol
(SIP)-based software platform into conformance with U.S. National Security
Agency (NSA) recommendations for cryptographic implementation.
Nortel has also licensed Certicom's Security Builder(R) GSE(TM), which
provides a pre-approved FIPS 140-2 cryptographic module for application
development, saving both development time and cost of certification.
Generally available since early this month, Nortel Application Server
5300 is designed to provide unified IP telephony, conferencing, voice mail and
instant messaging that meets stringent federal government security and service
assurance requirements. Certicom's technology adds a scalable,
high-performance crypto system at low cost and with low overhead.
"We're experts at developing solutions that meet or exceed the most
rigorous security requirements," said Chuck Saffell, chief executive officer,
Nortel Government Solutions, which provides networking solutions and IT
services for a number of U.S. Federal agencies.
"Adding Certicom technology to Nortel's Application Server 5300 makes a
strong solution even stronger for government agencies seeking to maintain high
security and reliability while moving their networks to VoIP and Unified
Communications," Saffell said.
FIPS 140-2 is the security requirement for cryptographic modules as
defined by the National Institute of Standards for Technology (NIST). The
standard is required for sale of products implementing cryptography to the
U.S. Federal Government. Companies that lack a FIPS 140-2 validation and are
unable to prove that such a validation is being obtained will not be able to
access the government market with their products.
Suite B is the set of cryptographic algorithms recommended by the NSA to
secure classified and unclassified communications. In 2005, the NSA
recommended ECC as the public key crypto system to protect government
communications. Known as Suite B, these recommendations are part of an
initiative to upgrade the security infrastructure of government communications
to meet present and future security needs. ECC is used in a growing number of
sectors ranging from networking, consumer electronics, wireless devices and
semiconductors to government and financial services.
Certicom's industry-leading experience shortens the Licensee's time to
market, while making their products more secure and reliable by providing
security updates through Certicom's world class support organization. Another
benefit of Certicom's ECC technology is optimized quality and performance of
"As federal government customers embrace Unified Communications with
Nortel's Application Server 5300, they can be confident that they have the
highest level and best performing encryption available," said Jim Alfred,
director of product management for Certicom.
Certicom manages and protects the value of content, applications and
devices with government-approved security. Adopted by the National Security
Agency (NSA) for government communications, Elliptic Curve Cryptography (ECC)
provides the most security per bit of any known public-key scheme. As the
global leader in ECC, Certicom's security offerings are currently licensed to
hundreds of multinational technology companies, including IBM, General
Dynamics, Motorola, Oracle and Research In Motion. Founded in 1985, Certicom's
corporate offices are in Mississauga, Ontario, Canada with worldwide sales and
marketing headquarters in Reston, Virginia and offices in Europe and Asia.
Certicom Safe Harbor Statement
Except for historical information contained herein, this news release
contains forward-looking statements that involve risks and uncertainties.
Forward-looking information includes information concerning Certicom's future
financial performance, business strategy, plans, goals and objectives. When
used in such documents, the words "plans", "expects", "budget", "scheduled",
"estimates", "forecasts", "intends", "anticipates", "will", "believes" or
variations of such words and phrases often, but not always, identify forward
looking statements. Factors which could cause actual results or events to
differ materially from current expectations include, among other things: the
ability of Certicom to successfully implement its strategic initiatives and
whether such strategic initiatives will yield the expected benefits; the
ability of Certicom to develop, promote and protect its proprietary technology
security breaches or defects in Certicom's products; competitive conditions in
the businesses in which Certicom participates; changes in consumer spending;
the outcome of legal proceedings as they arise; general economic conditions
and normal business uncertainty; consolidation in Certicom's industry and by
its customers; customer preferences towards product offerings; the risk that
customers may cancel their contracts with Certicom; reliance on a limited
number of customers; demand for ECC-based technology; performance of
Certicom's management team and Certicom's ability to attract and retain
skilled employees; operating Certicom's business profitably; fluctuations in
revenue and foreign currency exchange rates; interest rate fluctuations and
other changes in borrowing costs; the ability to develop and maintain
strategic relationships; and other factors identified under the heading "Risk
Factors" in Certicom's annual information form dated July 21, 2008 and filed
on SEDAR at www.sedar.com.
For further information:
For further information: John Conrad, Merritt Group, Inc., (703)