WinMagic Awarded FIPS 140-1 Level 2 and First AES Validations At the Opening Ceremony of the CMVP Conference 2002 in Washington DC, March 26 2002.Business Editors WASHINGTON--(BUSINESS WIRE)--March 26, 2002 Abstract: - WinMagic Inc has scored two major successes by receiving the first AES Cryptographic Module Validation Program (CMVP) certification from NIST and also the first FIPS 140-1 validation for a disk encryption software product. - Federal regulations make FIPS 140 validation mandatory for Government application. - Certification positions SecureDoc as the highest-security disk encryption for both Governmental and commercial use. - PKCS-11 architecture allows SecureDoc to be the most versatile encryption solution, as stand-alone software or integrated with smart cards, biometrics or PKI systems. WinMagic Inc. will be honored to accept the worldwide first Advanced Encryption Standard (cryptography, algorithm) Advanced Encryption Standard - (AES) The NIST's replacement for the Data Encryption Standard (DES). The Rijndael /rayn-dahl/ symmetric block cipher, designed by Joan Daemen and Vincent Rijmen, was chosen by a NIST contest to be AES. (AES) certification pursuant to the Cryptographic Module Validation Program The Cryptographic Module Validation Program (CMVP) is a joint American and Canadian security accreditation program for cryptographic modules. The program is available to any vendors who seek to have their products certified for use by the U.S. (CMVP CMVP Cryptographic Module Validation Program (NIST/CSE) CMVP Certified Measurement and Verification Professional ) at the opening ceremonies of the CMVP Conference 2002 in Washington DC. This special award is being presented jointly by the US Government National Institute of Standards and Technology National Institute of Standards and Technology, governmental agency within the U.S. Dept. of Commerce with the mission of "working with industry to develop and apply technology, measurements, and standards" in the national interest. (NIST (National Institute of Standards & Technology, Washington, DC, www.nist.gov) The standards-defining agency of the U.S. government, formerly the National Bureau of Standards. It is one of three agencies that fall under the Technology Administration (www.technology. ) and the Canadian Government Communication Security Establishment (CSE (Certified Systems Engineer) See Microsoft certification. ). The National Institute of Standards and Technology (NIST) has been working with industry and the cryptographic community to develop an Advanced Encryption Standard (AES). The objective is to develop a Federal Information Processing Standard Federal Information Processing Standards (FIPS) are publicly announced standards developed by the United States Federal government for use by all non-military government agencies and by government contractors. (FIPS (Federal Information Processing Standards) A series of publications issed by the U.S. National Institute of Standards and Technology (NIST) that specifies information security guidelines for federal government departments and agencies. ) that specifies an encryption algorithm capable of protecting sensitive government information well into the 21st century. In October 2000 NIST announced that Rijndael algorithm has been selected as the proposed AES. In early March 2002, it published the AES test tool for the CMVP. On March 26, 2002, NIST shall recognize WinMagic Inc. accomplishments with the first AES validation in this program. Coincidentally, NIST approved WinMagic's SecureDoc Disk Encryption FIPS 140-1 level 2. Both the FIPS 140-1 certification as well as AES CMVP certification will be awarded to WinMagic Inc. at the CMVP conference 2002 in Washington DC, March 2002. US federal agencies and departments are required to comply with FIPS 140-2 and utilize FIPS 140 certified cryptographic devices when they exist. Any possible waivers to this requirement must be approved directly by the head of the agency. By receiving FIPS 140-1 certification for its SecureDoc Disk Encryption, WinMagic fulfills these requirements, and additionally, can support security initiatives such as HIPAA (Health Insurance Portability & Accountability Act of 1996, Public Law 104-191) Also known as the "Kennedy-Kassebaum Act," this U.S. law protects employees' health insurance coverage when they change or lose their jobs (Title I) and provides standards for patient health, . "WinMagic's commitment to excellence is again demonstrated by their decision to reach for the higher FIPS 140-1 level 2 security rating by NIST," says Laurie Mack, director cryptographic services at IBM Global Services IBM Global Services is the world's largest business and technology services provider. It is the fastest growing part of IBM, with over 190,000 professionals serving customers in more than 160 countries. , Domus lab in Ottawa, Canada, the lab conducting the FIPS validation for SecureDoc. She goes on to point out that: "While most software products can only achieve level 1 validation, WinMagic's excellent design has enable SecureDoc to go for level 2 and a number of the level 3 requirements. This achievement underscores a trusted platform not only for the government, but for any enterprise that wishes to protect its valuable digital data and transactions." "We are pleased with the speed the industry is embracing the AES algorithm. NIST has been validating cryptographic products that may be used in the US Federal Government" Annabelle Lee, director of CMVP, for NIST says about WinMagic's achievement. "Because FIPS is an acknowledged standard, we expect commercial customers will also demand FIPS validated products. The availability of such products is just helpful to users". "WinMagic Inc. has the only disk encryption certified by the NSA NSA abbr. National Security Agency Noun 1. NSA - the United States cryptologic organization that coordinates and directs highly specialized activities to protect United States information systems and to produce foreign for classified data. Now, SecureDoc has the only disk encryption with FIPS 140-1, thus approved for sensitive but unclassified The introduction to this article provides insufficient context for those unfamiliar with the subject matter. Please help [ improve the introduction] to meet Wikipedia's layout standards. You can discuss the issue on the talk page. data for US government agencies and departments." says Jim Armstrong, WinMagic's National Sales Manager. "We believe we have the most secure Disk encryption products worldwide, both affordable and extremely versatile products for all organizations undertaking the protection of its valuable data." About DOMUS Information Technology Security Laboratory, IBM Canada Limited. DOMUS ITSL ITSL Invision Top Site List ITSL Integrated Technology Solutions Limited was one of the original three, and the only Canadian laboratory, accredited accredited recognition by an appropriate authority that the performance of a particular institution has satisfied a prestated set of criteria. accredited herds cattle herds which have achieved a low level of reactors to, e.g. to conduct FIPS 140 validation testing in 1995. They have conducted validation testing for the most cryptographic modules with experience in software, hardware, VPNs, smartcards and tokens, PKI, wireless, etc, ranging from Level 1 to 4. The first software cryptographic module validation testing, the first Java cryptographic module and now the first AES algorithm were all achieved through DOMUS ITSL. DOMUS ITSL is also approved to conduct Common Criteria evaluations in the Canadian Common Criteria Evaluation and Accreditation Scheme. About WinMagic Inc. WinMagic Inc. is a privately held company privately held company A firm whose shares are held within a relatively small circle of owners and are not traded publicly. located in Mississauga, Ontario, Canada, that develops and markets data security products for governments and the private sector. Utilizing Public Key Cryptographic Standards PKCS-11 from the ground up, WinMagic designs its Disk Encryption products with security and flexibility unparalleled in the industry. Its SecureDoc disk encryption easily integrates with popular third-party smart cards and Public Key Infrastructure (PKI) right at pre-boot time. SecureDoc provides the upgrade path from a password-only solution to enterprise-wide token-based PKI integration. WinMagic's SecureDoc has been validated under the Common Criteria, NIST Cryptographic Module Validation and now is the only one with FIPS 140-1 Level 2. Its FORTEZZA-based version is the only one to have earned certification by the NSA to protect classified data for US Government agencies. For more information regarding WinMagic products or services, please contact Sylvia Nguyen-Huu at (905) 502-7000 ext. 222, or visit the company website at www.winmagic.com . Note: The National Institute of Standards and Technology (NIST)'s permission to quote its name should not be deemed to be an endorsement of any company or product. |
|
||||||||||||
Printer friendly
Cite/link
Email
Feedback
Reader Opinion