News

SSH Communications Security Ltd. combines Internet Protocol Security with complete digital certification package

The leading innovator of strong cryptography products, SSH Communications Security, is to announce a new product SSH X.509 Certificate Tools. It is a complete library for IPSEC applications that require strong authentication of parties through digital certification. The new product is designed to be easy-to-use, out of the box certificate processing library and tool.

Rapidly growing and developing Internet commerce depends heavily on advanced authentication methods that secure identities of the parties interacting.

"Certificates are the only truly scalable method for authenticating people and computers over the Internet. They are part of the critical infrastructure for secure business communications and electronic commerce. SSH X.509 Certificate Tools bring this flexibility to IPSEC and VPNs on the large scale", explains Jani Hursti, President and CEO of SSH Communications Security.

Certificates are digital documents of identification. They can be regarded as common ID's we use every day. As real life identification documents, they have a set of attributes that define the owner of the certificate. They have been granted by a third party official called Certificate Authority (CA). The attributes of the certificate have been encoded in the certificate according to a standard. The X.509 is one such standard.

Authentication service systems run by CAs are fast spreading to authenticate everyone in local and global networks, including both people and machines. These third parties are trusted by everyone. They certify the true identity of the parties who have perhaps never met prior to the intended communication.

"Running large secure networks with thousands of users and multiple organizations without scalable, controlled authentication, is an administrative nightmare. This is why customers and IPSEC users are demanding certificates. With SSH X.509 Certificate Tools, an IPSEC application can use the certification services to full extent", says Tatu Ylönen, Chief Technology Officer of SSH Communications Security.

Unique features

SSH X.509 Certificate Tools are tailor made for IPSEC applications. Such applications include third party IPSEC implementations in VPNs, routers, firewalls, etc. SSH X.509 Certificate Tools can be used to perform all the necessary tasks with certificates. The tools can be used for, e.g., retrieving certificates from a public Certification Authority (CA) through Lightweight Directory Access Protocol (LDAP), for processing Certificate Revocation Lists (CRLs), and for generating certificate requests.

Unique architectural solutions make sure that the tools are fast and ready to be used in even the largest networks. It is a complete solution for certificates including fast mathematics, cryptography library, multilevel hierarchies, and support for smart cards. SSH X.509 Certificate Tools are designed to be resistant against denial-of-service attacks, very important in routers, VPN devices, and servers connected to the open Internet.

Interoperability with major Certification Authorities

SSH X.509 Certificate Tools library has been tested for interoperability against the products of all major CA vendors on the market. Such CA vendors include, for example VeriSign, Microsoft, XCert, Entrust, AU Systems (ID2 Technologies), and Baltimore Technologies.

© 2002 SSH Communications Security Corp. All rights reserved. ssh® is a registered trademark of SSH Communications Security Corp in the United States and in certain other jurisdictions. All other names and marks are property of their respective owners.