federal government requirements

MISSISSAUGA, ON, May 24 - With the recent FIPS
140-2 validation of Security Builder GSE-C, the Certicom Security Architecture
makes it easier and faster for device manufacturers and software vendors to
sell into the U.

Infineon and SPYRUS Partnership Delivers First Products Incorporating New ''Suite B'' Advanced Crypto Algorithms; New Era in Cybersecurity Commences

Together they produced the first smart card and USB cryptographic
token certified to meet the FIPS 140-1 Level 2 and Level 3 security
standards, for use in both Government and commercial business
enterprises.

ches theory

For the past few years, the U.S. The Infineon SLE66CX642P
chip is in the process of being certified under Common Criteria at an
EAL5+ level of trust by the German Government.

cryptographic cyber

SPYRUS received the first
patent sublicense for elliptic curve cryptography that has been issued
by the National Security Agency, under the terms of the NSA Field of
Use patent license. SPYRUS products also support the full range of
SHA-224/256/384/512, and AES-128/192/256. Further information is available at www.

csd rsa

Security Builder GSE enables device manufacturers and software vendors to
efficiently meet U. Adopted by the U.certicom.
The Global Information Grid (GIG), as it is being defined by the
U. DoD, its allies and coalition partners, a secure, highly
available, and globally interconnected information environment to meet
the real-time and near real-time information needs for security,
military , diplomatic, and civil government purposes as well as for
commercial enterprises.

cryptologic frequently

By using ECC-based
algorithms now, companies get a jump-start on meeting the government's new
recommendations. Founded in 1985,
Certicom is headquartered in Mississauga, ON, Canada, with offices in Ottawa,
ON; Reston , VA; San Mateo, CA; and London, England. The full range of capabilities that might be selected for a
particular application will therefore be available in a FIPS 140-2
certified SPYRUS product.

frequently cryptographic

Regarded as the authority for strong,
efficient cryptography, Certicom Corp (TSX: CIC) enables companies to add
government-approved security to their products without undergoing the time-
consuming and costly Federal Information Processing Standards (FIPS) process
as set out by the National Institute of Standards and Technology (NIST). "By users selecting Certicom, companies not
only qualify as having FIPS 140-2-validated modules, they also benefit from
Certicom's efficient implementations and years of expertise in this area. Visit http://www.S."

About Infineon Technologies

Infineon Technologies AG, Munich, Germany, offers semiconductor
and system solutions for automotive, industrial and multi -market
sectors, for applications in communication, as well as memory
products.19 billion (US $8.

maintains rsa

Government, and increasingly adopted by other governments
as well as the commercial sector. "Combining
Infineon's leading edge security microcontroller technology with
SPYRUS' embedded technologies will provide customers with improved
legacy performance together with Suite B product capabilities today
and ultimately improve time to deployment for systems with maximum
security protection.

In fiscal year 2004 (ending September), the company
achieved sales of Euro 7.

confsal rsa

Certicom Security Architecture Earns FIPS 140-2 Validation

com. More detailed information about potential
factors that could affect Certicom's financial results is included in the
documents Certicom files from time to time with the Canadian securities
regulatory authorities. The "Field of Use" refers to the technology and
methods necessary to implement patented technology, utilizing elliptic
curves in GF(p) with key strengths greater than 255-bits, with
implementations that are certified to meet the FIPS 140 -2 security
standard.
Infineon and SPYRUS have been partners since the mid-1990s.
"This partnership between Infineon and SPYRUS provides new,
cost-effective opportunities for customers while offering
best-in-class security features," said Joerg Borchert, VP for Chip
Card and Security ICs, Infineon Technologies North America.S.

communication cryptology

S.
SPYRUS products support the full range of ECC curves in GF(p) that
have been approved for use by the U. The Full and One-Pass ECMQV
key establishment schemes are supported, along with the five EC
Diffie-Hellman schemes required by NIST's Special Publication SP
800-56. With a global presence, Infineon operates in the U.

communication cryptographic

"The adoption of ECC within the U. government's National Security
Agency (NSA), Certicom technologies for Elliptic-Curve Cryptography (ECC)
provide the most security per bit of any known public-key scheme, making it
ideal for resource -constrained environments. Certicom products and services
are currently licensed to more than 300 customers including Motorola, Oracle,
Research In Motion, Terayon, Texas Instruments and Unisys.

----SPYRUS, Inc. These techniques include
instruction timing randomization, complementary balanced circuitry,
encrypted memory bus transfers, and current scrambling techniques.93 billion) with about
35,600 employees worldwide. SPYRUS' mission is to set
the standard for the new era of multinational information sharing and
long term data protection.

communication applications

Security Builder GSE includes the first FIPS 140-2-validated security
module to include several elliptic-curve cryptography (ECC)-based algorithms
such as Elliptic Curve Diffie-Hellman (ECDH) and Elliptic Curve Menezes-Qu-
Vanstone (ECMQV) for key agreement, and the FIPS 186-2-validated elliptic-
curve digital signature algorithm (ECDSA) for authentication." Suite B is expected to be the de facto standard to protect
data for decades to come , for both government and business users.S.
Since its inception in 1992, SPYRUS has specialized in cryptographic
services utilizing high assurance devices to publish, distribute, and
provide access control for electronic data. Further information is available at
www.

math cyber

A common application programming interface (API) unifies Certicom's
modules to create a plug-and-play security architecture. (TSX: CIC) is the authority for strong, efficient
cryptography required by software vendors and device manufacturers to embed
security in their products. and
Infineon Technologies today announced the availability of personal
authentication and security products to support the Global Information
Grid , utilizing the new suite of advanced crypto algorithms known as
"Suite B. corporation headquartered in
San Jose, California with offices in Canada, Belgium, and Australia.com

Of note: Mr.

frequently crypto

These technologies include Infineon's
multi-layer chip design, which includes an active shield to prevent
tampering, the Advanced Cryptographic Engine (ACE) as well as a Triple
DES cryptographic coprocessor to accelerate RSA, ECC and DES
computations, together with state-of-the-art techniques to defeat
possible side-channel analysis attacks. from
San Jose, CA, in the Asia-Pacific region from Singapore and in Japan
from Tokyo.

cryptography pkc

It supports the
leading mobile and server platforms and includes cryptography implementations
to help companies adopt the National Security Agency (NSA) Suite B public-key
recommendations . With the
recently announced NSA Suite B recommendations and entry into the FIPS
validation process , ECC is poised to become the dominant public-key
cryptography used to protect U. SPYRUS products implement ECC technology specified for use
by the U.S. Wolf, the National Security Agency's
Director of Information Assurance, will speak at the 14th Annual RSA
Conference on Wednesday, 16 February 2005, at the Moscone Center in
San Francisco, California, where he is expected to discuss the
importance of multinational information sharing and the Global
Information Grid.

asked vulnerability

S. All other companies and products
listed herein are trademarks or registered trademarks of their respective
holders.
SPYRUS plans to migrate its security solution to Infineon's new PE
family of secure microcontroller ICs to take advantage of enhanced
features including more efficient EEPROM programming, 33MHz CPU clock,
and smaller die size.
Government's highest standards to secure and protect sensitive
information, " said Sue Pontius, President and CEO of SPYRUS.spyrus.

cryptologic csd

Security Builder GSE acts as a software -based cryptographic provider
within the Certicom(R) Security Architecture(TM) - a comprehensive, modular
and portable solution designed to allow developers to quickly and cost-
effectively embed security into applications, and across multiple families and
generations of devices.

About Certicom
Certicom Corp. Factors that might cause a difference
include, but are not limited to, those relating to the acceptance of mobile
and wireless devices and the continued growth of e -commerce and m-commerce,
the increase of the demand for mutual authentication in m-commerce
transactions , the acceptance of Elliptic Curve Cryptography (ECC) technology
as an industry standard, the market acceptance of our principal products and
sales of our customer's products, the impact of competitive products and
technologies, the possibility of our products infringing patents and other
intellectual property of fourth parties, and costs of product development.

Department of Defense (DoD ), provides a fundamental shift away
from centralized "information-push" technologies, toward a new era of
information sharing by authorized users, anywhere, anytime.S.com

About SPYRUS, Inc .

SPYRUS, Inc, is a privately held U. Daniel G.

asked initiatives

S.S federal government is progressing
quickly and Certicom is taking a leadership role in enabling companies to
integrate ECC-based technology into their products," said Jim Alfred, director
of product management at Certicom.
For more information on the Certicom Security Architecture and Security
Builder GSE, visit http://www.com /csa.gov

initiatives cyber

government information.
Except for historical information contained herein , this news release
contains forward-looking statements that involve risks and uncertainties. This collaboration now provides the market with the first
token to offer complete Suite B capabilities to provide the strongest
security protection in smart card, USB token, and secure mass storage
products available anywhere.
Combining Infineon's security IC expertise with our cryptographic
implementation has enabled SPYRUS to be first to market with the most
advanced products available today. Wolf will be
available for interviews by contacting the NSA Public and Media
Affairs Office at 301-688-6524 or nsapao@nsa.

vulnerability cryptologic

"
FIPS 140-2 validation is considered a benchmark for security in
government .S.

Business Editors/High-Tech Editors
RSA Conference 2005

SAN JOSE, Calif.
The National Security Agency (NSA) publicly announced in October
2003 its intent to adopt elliptic curve cryptography (ECC), which
forms the heart of the Suite B algorithms. Government, from P-256 to
P-521.

pkc nsa

government (through the NSA) has given
its nod to elliptic-curve cryptography-based security schemes.certicom .
Actual results may differ materially.
Certicom will not update these forward-looking statements to reflect events or
circumstances after the date hereof. According to the NSA press release, Mr .

cryptology indocrypt

Building
on the currently available Internet technologies, the GIG will provide
to the U.
SPYRUS technologies build upon that solid security base by
utilizing their own intellectual property and algorithm
implementations to add highly optimized support for ECC, AES, SHA-2,
RSA, DSA, and other legacy algorithms running on their secure smart
card operating system (SPYCOS(R)). "With
NSA's grant of the ECC license to SPYRUS, we are ready to meet the
anticipated demand in all markets that require strong security.

communication confsal

S.S.S. It is being submitted for certification
under the stringent FIPS 140 -2 Level 3 cryptographic security standard
by an agency of the U.

math initiatives

It assures users that a specific security technology has passed
rigorous testing under the CAVP (Cryptographic Algorithm Validation Program)
and CMVP (Cryptographic Module Validation Program) by an accredited third-
party laboratory , and can be used to secure sensitive information.

Certicom, Certicom Security Architecture , Certicom CodeSign, Security
Builder, Security Builder API, Security Builder BSP, Security Builder Crypto,
Security Builder ETS, Security Builder GSE, Security Builder IPSec, Security
Builder NSE , Security Builder PKI and Security Builder SSL are trademarks or
registered trademarks of Certicom Corp. Government (NIST). Infineon is listed on the DAX index of the
Frankfurt Stock Exchange and on the New York Stock Exchange (ticker
symbol: IFX).

rsa confsal

federal government. The modular architecture allows the higher level
toolkits, SSL, IPSec and PKI to utilize the Security Builder GSE module in
FIPS mode."
"SPYRUS is committed to providing products that meet the U.infineon.