SOURCE: SPYRUS, Inc.

SPYRUS, Inc.

May 04, 2010 09:00 ET

SPYCOS® Hardware Security Module From SPYRUS Achieves FIPS 140-2 Level 3 FIPS Validation

Embeddable HSM-On-A-Chip Brings NIST-Validated Military Grade Suite B Security to Smart Cards, USB Tokens, and Dozens of Other High-Security Devices

SAN JOSE CA--(Marketwire - May 4, 2010) -  SPYRUS, Inc., the leader in mobile, high assurance data protection products, today announced the SPYRUS Cryptographic Operating System (SPYCOS®) hardware security module has been granted FIPS 140-2 Level 3 Certificate #1302 by the National Institute of Standards and Technology. The SPYCOS hardware security module is available as an ISO 7816 smart card module with a standard interface or as a micro-sized surface mount Integrated Circuit called the Rosetta Micro.

As the first fully Suite B compliant cryptographic device in the industry, the SPYCOS module is the core of a broad spectrum of SPYRUS security devices, including the Rosetta Micro, Rosetta Smart Cards and USB Tokens, Rosetta SD and microSD flash storage devices, and the Hydra PC series of flash memory encryption devices. This includes the Hydra PC Personal Encryption Device, the only commercially available USB encryption device approved by the NSA for protecting U.S. Government tactical classified data at the Secret level and below when used with the approved operational security doctrine.

The SPYCOS module is designed for embedded environments requiring high security, where board space and power are key limitations. OEMs can take advantage of the following advanced features:

  • Next generation Suite B algorithms (AES, SHA-2, ECC), the strongest commercial-off-the-shelf cryptographic algorithms available today to protect sensitive data in these embedded devices.
  • Advanced RSA and Elliptic Curve Cryptography PKI functionality.
  • Tamper detection.
  • Small size -- measures less than 0.3 cm3 in volume.
  • Low power requirements -- draws less than 20mW of power, significantly less than competing products.

SPYRUS was the first company to incorporate Suite B and stronger cryptographic algorithms into all of its hardware and software products. The SPYCOS security module also supports legacy algorithms such as RSA 1024/2048, 3DES, and SHA-1 for backward compatibility with existing applications. This strong security in a flexible form factor brings unprecedented assurance to mobile environments, where consumer electronic device capabilities have challenged enterprise data and communication security. 

These features make products incorporating the SPYCOS security module ideally suited for integration into both custom and mass-market products requiring small size, low power and high security, including computers, cell phones, PDAs, routers, point of sale terminals, set top boxes and industrial control devices. 

The SPYCOS module provides additional high security functionality such as policy enforcement features that extend next-generation data containment functionality to the platforms into which it is embedded. For example, it supports a unique split knowledge feature, which allows applications to restrict device use to authorized systems. It also has advanced tamper-prevention circuitry that erases the encryption keys if any attempt is made to tamper with the chip while it is powered on. OEMs can use the SPYCOS module to implement PKI-based digital certificate security for smart card authentication, e-mail encryption and digital signatures, and authenticate Internet and cloud computing transactions such as home banking and funds transfers. SPYCOS fully supports the CAPI Next Generation (CNG) capabilities of Windows® 7, Windows Vista, Windows 2000, and Windows XP.

"SPYRUS received FIPS 140-1 Level 3 validation for the Rosetta Smart Card module in 2001 and we are pleased to achieve FIPS 140-2 level 3 certification for the latest version which is much smaller and available to OEMs in multiple form factors," said Tom Dickens, SPYRUS Chief Operating Officer. "While there are several embeddable encryption modules on the market today, SPYRUS believes that our strong key management and data containment functionality combined with secure made-in-USA implementation and a trusted supply chain combine to create the most advanced and trusted solution for OEMs that need to build high-assurance security products, whether they are for government or the private sector."

If you will be at the Joint Warfighters Conference in Virginia Beach on May 11-13, please pay SPYRUS a visit at booth 603.

E-mail sales@spyrus.com or visit http://www.spyrus.com for more information.

About SPYRUS, Inc.
SPYRUS holds patents in the U.S. and abroad that enable solutions for secure authentication, secure communication, and full disk encryption, as well as patents relating to data protection and rights management for digital content. Secured by SPYRUS™ security technology is designed, developed, and manufactured in the USA to meet FIPS 140-2 Level 3 standards. SPYRUS products support the strongest commercially available cryptographic algorithms, including elliptic curve cryptography (ECC), AES, and SHA-2, collectively known as Suite B. SPYRUS is headquartered in San Jose, California. See www.spyrus.com for more information.

SPYRUS, the SPYRUS logo, Secured by SPYRUS, SPYCOS, Rosetta, Hydra Privacy Card, and Hydra PC are either registered trademarks or trademarks of SPYRUS, Inc., in the U.S. and/or other jurisdictions. All other company, organization, and product names are trademarks of their respective organizations.

The National Security Agency's USB Flash Drive Program has developed specifications for physically transferring SECRET data between secure enclaves. SPYRUS, Inc. asserts that the Hydra PC meets NSA's USB Flash Drive specifications, documented in the "Universal Serial Bus (USB) Flash Drive Personal Token for Tactical SECRET Minimum Essential Requirements 1.0," and as such, is acceptable for use in national security systems.