SOURCE: SPYRUS

SPYRUS

August 17, 2010 12:02 ET

SPYRUS® Hydra PC™ USB Encryption Device Family Awarded Its Third FIPS 140-2 Level 3 Validation

SANTA CLARA, CA--(Marketwire - August 17, 2010) -  Flash Memory Summit - SPYRUS, Inc. today announced that their Hydra Privacy Card® (Hydra PC™) USB encryption devices have received a third FIPS 140-2 Level 3 validation. In addition to FIPS 140-2 Level 3 certificate 1179 for file-based encryption and certificate 1302 for the SPYCOS® crypto core, SPYRUS received certificate 1394 for their XTS-AES sector-based encryption devices.

By defining multiple individually validated security boundaries, SPYRUS has created a flexible and extensible architecture for information protection using advanced encryption techniques. Contrast this with devices holding only one overall validation that must be revalidated whenever any part of the device changes, such as the PC interface or the addition of more advanced flash memory controllers.

The patented Hydra PC Personal Encryption Device was the first and is still the only commercial-off-the-shelf (COTS) USB encryption device approved to protect tactical data in accordance with CNSS Instruction 4009 at the SECRET level and below, when used with the approved operational security doctrine.

The Hydra PC Personal Encryption Device, like its big brother the Hydra PC Digital Attaché, protects your data no matter where it is stored -- on the drive, on your PC, or in the cloud -- because every file is encrypted with a unique AES-256 bit CBC key. Think of it as a bank vault with individual safe deposit boxes.

A fourth FIPS-140-2 Level 3 certificate will be issued shortly for another member of the Hydra Privacy Card family that was created for Kingston under the Secured By SPYRUS™ OEM program. This device is designed as a high-security replacement for conventional secure flash drives from IronKey, MXI, and SanDisk, and can be used on any PC.

All Hydra PC devices exceed the new security requirements recently issued by the US Department of Defense (DoD) on the Joint Task Force Global Network Operations (JTF-GNO) Computer Task Order (CTO) for encrypted flash drives approved for use on DoD networks. This is because Hydra PC USB encryption devices protect your data with advanced hardware security by drawing upon XTS-AES 256, AES 256 CBC, ECDH P-384, ECDSA P-384, and SHA-384, which make up the US Department of Defense Suite B cryptography.

Suite B was designed to serve as an interoperable cryptographic base for data protection and information sharing for both unclassified information and most classified information. SPYRUS worked in partnership with Microsoft to add Suite B support to Windows Vista, Windows 7, and Windows 2008 Server. However, SPYRUS is the only vendor to implement the entire set of Suite B cryptographic algorithms in FIPS 140-2 Level 3 validated hardware across all product lines.

"With the addition of this new FIPS 140-2 Level 3 certificate, SPYRUS holds the trifecta for building the most secure portable data encryption devices in the world," said Tom Dickens, SPYRUS Chief Operating Officer. "But just as important as validation is the source of the security. All SPYRUS encryption devices are designed, developed, and manufactured in the United States using cleared suppliers and facilities. This allows us to mitigate the risks of untrusted parts and hidden code that are of increasing concern to governments around the world."

"Because we know that one size does not fit all, we offer a family of encrypting drives with fixed memory, removable memory, or no memory at all," said Ron LaPedis, Director of Product Marketing and Management. "The modular design of our devices allows us to keep up with the latest in PC interface and flash memory technology without requiring redesign or revalidation of our cryptographic elements. This ensures that our customers always get the latest, most secure technology."

The Hydra Privacy Card Personal Encryption Device and other Secured by SPYRUS™ USB encryption devices can be ordered through several government contracts. They are also available from Amazon in the USA. Email sales@spyrus.com for more information.

About SPYRUS, Inc.
SPYRUS holds patents in the U.S. and abroad that enable solutions for secure authentication, secure communication, and full disk encryption, as well as patents relating to data protection and rights management for digital content. Secured by SPYRUS™ security technology is designed, developed, and manufactured in the USA to meet FIPS 140-2 Level 3 standards. SPYRUS is headquartered in San Jose, California. See www.spyrus.com for more information.

SPYRUS, the SPYRUS logo, Secured by SPYRUS, Hydra Privacy Card, Hydra PC, and Digital Attaché are either registered trademarks or trademarks of SPYRUS, Inc., in the U.S. and/or other jurisdictions. All other company, organization, and product names are trademarks of their respective organizations.

The National Security Agency's USB Flash Drive Program has developed specifications for physically transferring SECRET data between secure enclaves. SPYRUS, Inc. asserts that the Hydra PC meets NSA's USB Flash Drive specifications, documented in the "Universal Serial Bus (USB) Flash Drive Personal Token for Tactical SECRET Minimum Essential Requirements 1.0," and as such, is acceptable for use in national security systems.