nCipher hardware selected to support newly announced VeriSign Trust Gateway Solution for Secure Web Services

RSA Conference, San Francisco, CA – 14 April 2003 – nCipher plc (LSE:NCH), a leading provider of IT cryptographic security solutions, today announced that its hardware security modules (HSMs) have been selected by VeriSign, Inc. (Nasdaq:VRSN), the leading provider of digital trust services, to provide enhanced security and management of cryptographic keys, as well as SSL-acceleration capabilities, for the new VeriSign Trust Gateway, a new Web services security solution announced today.

The VeriSign Trust Gateway allows enterprises to delegate Web services security policy operations, deployment and management to a dedicated, standards-based solution with no modification to their Web services. nCipher ‘s FIPS 140-2 certified nShieldâ„? HSM provides hardware key management in support of XML signature, XML encryption and SSL authentication, to supply the highest level of trust in conjunction with the VeriSign Trust Gateway.

The VeriSign Trust Gateway allows enterprises to allocate security functions to a single, dedicated solution that greatly simplifies Web service and application security policy definition, enforcement and administration. Integrated with VeriSign’s Managed PKI service to perform a variety of security operations, such as XML signing, XML encryption, real-time non-repudiation and WS-Security, the VeriSign Trust Gateway solution utilizes digital signatures and SSL encryption in performing its functions. To deliver the highest levels of security and management for the cryptographic keys used in the VeriSign Trust Gateway, nCipher’s hardware security technology provides a secure FIPS validated tamper-resistant environment.

Also, as demand on Web services grows and traffic levels increase, nCipher’s products provide performance advantages by accelerating processor-heavy encryption tasks to reduce performance bottlenecks for users of the VeriSign Trust Gateway.

When deploying nCipher HSMs with future versions of VeriSign Trust Gateway, customers will also be able to leverage the VeriSign Hardware Protected SSL Certificate, a new higher security certificate being offered by VeriSign and nCipher (see joint announcement dated April 7, 2003). The Hardware Protected SSL Certificate is the first available SSL certificate that assures the private key is protected in FIPS-validated cryptographic hardware, providing a stronger level of authentication and enabling security-conscious companies to establish an advanced, more secure method of protecting online transactions. Web services are an ideal application for this higher security certificate, especially where high value B2B transactions are involved, requiring best practice security measures to ensure the authentication process can be trusted.

“Security is the greatest barrier to the adoption of Web Services,” said Judy Lin, executive vice president and general manager of VeriSign’s security division. “The VeriSign Trust Gateway offers customers a dedicated standards-based solution for centrally managing their Web services security functions. The additional level of trust offered by combining the VeriSign Trust Gateway service with hardware from nCipher, a company well-established as a manufacturer of hardware-based encryption products for XML security, gives our customers premium levels of security and the knowledge that their security is protected and managed to the highest levels possible.”

“VeriSign has always been at the forefront of securing Internet services, and we are pleased to be able to deliver the additional level of security offered by nCipher hardware to the VeriSign Trust Gateway solution. The increase in demand for Web services, and the awareness that security and trust have to be integral parts of any Web service, has helped drive the need for enterprises to strengthen their encryption practices. nCipher has quickly become the company that people trust to secure and manage cryptography used in XML-based Web services,” said Richard Moulds, vice president of marketing, nCipher.

About nCipher
nCipher is redefining cryptographic security to protect points of risk across the enterprise-from network appliances to Web servers, to custom software applications and back-end databases. nCipher provides hardware and software solutions that enable organizations to implement best practice security by addressing the challenges of cryptographic key management and performance. Many of the world’s leading organizations – from Microsoft and Barclays Bank to PricewaterhouseCoopers and the U.S. Navy – rely on nCipher to deliver a sound e-security infrastructure. nCipher’s products are particularly well suited to organizations with high volumes of security-sensitive transactions, such as banking and financial institutions, government departments, e-retailers and online service providers. nCipher is listed on the London Stock Exchange as a TechMARK 100 company (LSE:NCH) with offices in Cambridge, UK; Boston, Seattle, Paris, Hamburg, Singapore and Tokyo. For more information on nCipher, visit

Don't miss