Business Wire, 9 July 1996: Note To Editors: For more information on the NIST initiative, please refer to the NIST press release: "NIST, Industry Partners to Develop Specifications for Public Key Infrastructure," July 9, 1996. ---------- Certicom to Partner with NIST to Develop Specifications for a Public Key Infrastructure; Certicom signs agreement with NIST to contribute cryptographic expertise Toronto -- Certicom Corp. a leading information security company, today announced that it will participate in an initiative by the U.S. Commerce Department's National Institute of Standards and Technology (NIST) which will lead to the development of the elements of a public key infrastructure (PKI). A PKI will enable individuals and organizations who have never met to electronically send and receive documents which have been digitally signed. NIST announced today that it is partnering with several companies who bring specialized experience in providing products or services related to PKI components. "Certicom is excited about the establishment of this PKI project. It represents a proactive initiative by the Commerce Department to develop standards based on existing technology and commercial and government requirements by soliciting the active participation of key industry players," said Skip Hirsh, Director of U.S. Government Marketing for Certicom. "The strong leadership position taken by NIST will accelerate the deployment of practical public key infrastructures essential for the secure exchange of electronic data." "Certicom will contribute significant cryptographic experience to the partnership, particularly with the Elliptic Curve Cryptosystem (ECC) which is the most efficient public key technology available," commented Gary Hughes, president and CEO of Certicom. "ECC is a critical, enabling technology for this NIST project because of its efficiency in the high volume applications that are common in PKIs." ... Other partners that NIST has signed cooperative research and development agreements (CRADAs) with include: AT&T Government Markets, BBN Corp., Cylink Corp., DynCorp Information & Technology Inc., Information Resource Engineering Inc., Motorola, Northern Telecom Ltd. (Nortel), SPYRUS, Inc. and VeriSign, Inc. The goal of the partnership is to develop a minimum interoperability specification for the technical components of a PKI. The results will be shared with participating companies, the appropriate standards-making bodies, federal government agencies and industry organizations that are working on aspects of PKI development. A public key infrastructure relies on public key cryptography in which each user has a key pair consisting of a public and private key. The public key must be digitally signed by a central authority to ensure its authenticity. Digital signatures are cryptographic techniques which are used for data integrity, authentication and nonrepudiation. The process of digitally signing public keys is known as certification and is the main purpose of a public key infrastructure. Certicom expects to demonstrate the benefits ECC provides to large-scale PKIs in which numerous users are signing and verifying documents. Elliptic Curve Cryptosystems have the highest strength per bit of any known public key system, minimizing the requirement for large key sizes. Cryptographic processes based on ECC provide efficient computation techniques which reduce communications and computation time, thereby substantially reducing costs. Certicom is a developer of information security products and technologies and is the leader in Elliptic Curve Cryptosystems, the world's most efficient public key technology. The company specializes in applications where the combination of cryptographic strength and high efficiency are critical. Certicom's primary markets are in wireless, smart cards, banking and electronic commerce over the Internet. Visit Certicom's home page at www.certicom.ca. -----