navigation | content

News
Helsinki, Finland; Palo Alto, Calif. and Tokyo - January 12, 2004

SSH Receives FIPS 140-2 Certification

Key U.S. Government Certification Underscores Robustness of SSH Tectia Encryption

SSH Communications Security (HEX:SSH1V), a world-leading developer of managed security middleware, today announced that the encryption module (SSH Cryptographic Library Software Version 1.2.0) used in its SSH Tectia client/server 4.0 has been awarded Level 1 Federal Information Processing Standards (FIPS) 140-2 certification. In addition to current availability (SSH Tectia client/server 4.0), the FIPS 140-2 approved cryptographic module will also be available in future releases of SSH Tectia client/server software.

The Cryptographic Module Validation (CMV) Program of the National Institute of Standards and Technology (NIST) provides specifications for software and hardware products that employ cryptographic algorithms, cryptographic key generation and distribution techniques. Authentication techniques that are FIPS 140-2 approved are certified for protecting Federal Government unclassified information. Vendor products are tested for compliance to these specifications by NIST-approved testing laboratories. In accordance with the NIST certification guidelines, the SSH cryptographic module has been certified at Level 1, which defines software cryptographic functions to be performed in a general purpose PC without any additional hardware security mechanisms.

"Protecting various agencies of the U.S. Government from unauthorized access to sensitive data has become even more critical in today's environment," said George Adams, president and CEO of SSH Communications Security, Inc. "We are delighted not only to have this all-important validation of the robustness of our encryption methodology, but also to be doing our part to help ensure that U.S. Government communications are secure."

Tests performed by the NIST validated several algorithms implemented in the crypto module used in SSH Tectia, including AES, Triple DES, DSA and SHA-1, giving it approval for use in Federal agencies within the context of a complete security program. Many U.S. Government organizations are already using SSH's Secure Shell-based technology, even before the option for FIPS 140-2 crypto module use is available. These include the U.S. Army, U.S. Navy, U.S. Marine Corps, U.S. Air Force, the Department of Defense, the Department of Justice, Lawrence Livermore National Labs, NASA, the Naval Air Warfare Center, and others. For more information on the completed certification, please visit: http://csrc.nist.gov/cryptval/140-1/1401val2003.htm.

About SSH Tectia

SSH Tectia is an enterprise class suite of security solutions based on SSH's industry leading technologies. SSH Tectia client/server solution is based on the award-winning SSH Secure Shell used by millions worldwide. SSH Tectia enables end-to-end secure communications throughout the internal and external network. SSH Tectia provides transparent strong encryption and authentication and easily integrates into heterogeneous, multi-platform environments. SSH Tectia's management capabilities allow for easy scalability and centralized policy deployment.

About SSH Communications Security

SSH Communications Security, a world-leading supplier of managed security middleware, offers a broad range of security software solutions designed to address the most critical needs for businesses, financial institutions and governments worldwide. SSH Tectia, based on the award-winning SSH Secure Shell, is a modular enterprise class solution that requires no modification to existing IT infrastructures or applications. SSH Tectia Manager is a centralized, scalable management module for deploying, managing and monitoring of large scale Secure Shell and SSH Tectia environments. SSH Tectia client/server solution provides standards-based, transparent strong encryption and authentication that easily integrates into heterogeneous, multi-platform environments for secure end-to-end network communications and remote administration.
SSH Tectia Certifier provides a robust certification authority for flexible and strong authentication through digital certificates and hardware tokens. SSH is traded publicly on the Helsinki Exchanges under HEX:SSH1V. For more information, please visit www.ssh.com.

SSH Corp. Contact
George Adams
SSH Communications Security Corp.
Tel: +1 781 247 2100
E-mail: email address

Americas Contact
Byron Rashed
SSH Communications Security, Inc.
Tel: +1 650 251 2721
E-mail: email address

Europe Contact
Bo Sorensen
SSH Communications Security Corp.
Tel: +358 20 500 7404
E-mail: email address

Investor Relations
Mika Peuranen
SSH Communications Security Corp.
Tel: +358 20 500 7419
E-mail: email address

U.S. Agency Contact
Cheryl Taylor
Walt & Company
Tel: +1 408 496 0900 x 2981
E-mail: email address

Asia Pacific Contact
Shiho Hashimoto
SSH Communications Security Corp.
Tel: +358 20 500 7470
E-mail: email address

© 2004 SSH Communications Security Corp. All rights reserved. ssh® is a registered trademark of SSH Communications Security Corp in the United States and in certain other jurisdictions. All other names and marks are property of their respective owners.