nCipher Delivers End-To-End Encryption to Protect Sensitive PIN and Password Data
Cambridge, UK – 14 April 2003 – nCipher plc (LSE:NCH), a leading provider of IT cryptographic security, today announced the launch of CodeSafe SSLÃ¢â€ž? to bridge the security gap that exists between internal corporate applications and the Internet, keeping sensitive information safe as it crosses the DMZ. CodeSafe SSL allows, for the first time, the direct termination of an SSL connection to be made entirely within a trusted hardware device where it can be securely processed or re-encrypted for safe transmission to other applications. This unique capability extends the protection delivered by nCipher’s tamper-resistant FIPS 140-2 validated Hardware Security Module (HSM), ensuring vital data such as credit card numbers, PINs or passwords entered at a client browser can be protected throughout the internal and external network.
Best-practice security already recommends the use of hardware-based protection for the SSL private encryption keys used on Web servers to prevent eavesdropping and provide secure sessions between the browser and Web server. For secret or confidential information the challenge is to extend the security provided by SSL deeper into the Web site infrastructure in order to protect data behind the firewall from internal and external attacks. As the concept of a secure network boundary becomes outdated it becomes even more important to protect sensitive information wherever it flows, inside or outside a corporate network. With CodeSafe SSL, selected SSL sessions can be terminated inside a protected hardware environment and traffic passed securely on to other back-end applications, delivering end-to-end protection without any changes or downloads to the browser avoiding the cost and complexity of managing client software.
In addition to terminating SSL traffic and providing re-encryption for back-end connections within a single trusted device, application developers using the CodeSafe SSL toolkit can deploy customized software to securely process traffic and make decisions within the FIPS security boundary of the same HSM. As a result, CodeSafe SSL can be used to enhance the security of both custom and commercial security applications and provide the flexibility to safely locate security functions wherever required, even in untrusted environments such as the DMZ. Common functions such as securing PIN and password processing or user authentication routines can be performed safely anywhere in the network, closing security gaps and reducing management complexity.
“Securing keys in hardware protects SSL connections to the Web server but in certain circumstances security architects need to take a wider perspective and assess security gaps that exist behind the Web server or even within the Web server itself,” says Simon Avarne, vice president of product management at nCipher. “CodeSafe SSL harnesses the advanced security architecture of nCipher’s FIPS 140-2 validated HSM and integral Secure Execution Engine (SEE) to provide the flexibility to deliver a powerful combination of end-to-end protection and trusted security processing. This unique capability is ideal for securing a wide range of e-business applications that include secure single sign-on, roaming PKI, notarization and payment related authentication such as Visa’s 3-D Secure or MasterCardÃ¢â€ž? Secure CodeÃ¢â€ž?.”
About CodeSafe SSL
The CodeSafe SSL toolkit includes the nCipher nShield HSM, complete hardware SSL stack and CodeSafe/C toolkit. This enables application developers to write C/C++ programs that are securely loaded and executed in the FIPS security boundary of the HSM. The CodeSafe/C toolkit enables application developers to write C/C++ programs to be securely loaded and executed on a tamper-resistant HSM. This allows customers to write application specific functions, such as PIN validation or secure re-encryption for processing user data. Any data entered at a client browser can be delivered securely to any back-end service without the overhead of having to deliver client-side code or scripts.
The CodeSafe SSL toolkit, is available immediately and pricing starts from $18,700 including an HSM.
nCipher is redefining cryptographic security to protect points of risk across the enterprise-from network appliances to Web servers, to custom software applications and back-end databases. nCipher provides hardware and software solutions that enable organizations to implement best practice security by addressing the challenges of cryptographic key management and performance. Many of the world’s leading organizations – from Microsoft and Barclays Bank to PricewaterhouseCoopers and the U.S. Navy – rely on nCipher to deliver a sound e-security infrastructure. nCipher’s products are particularly well suited to organizations with high volumes of security-sensitive transactions, such as banking and financial institutions, government departments, e-retailers and online service providers. nCipher is listed on the London Stock Exchange as a TechMARK 100 company (LSE:NCH) with offices in Cambridge, UK; Boston, Seattle, Paris, Hamburg, Singapore and Tokyo. For more information on nCipher, visit www.ncipher.com.