Cryptography Research points to leading Dutch security firm TNO ITSEF as an evaluator of new advanced DPA testing program for smart cards

SAN FRANCISCO, Calif., — November 14, 2005 — Cryptography Research, Inc. (CRI), a worldwide leader in security systems, today announced that the company has accredited the Netherlands Organization for Applied Scientific Research-ITSEF (TNO ITSEF) as an independent testing lab to conduct evaluations for the DPA Countermeasure Validation Program. The new program, designed to help chip purchasers and smart card customers identify devices with effective security, involves independent testing of products to evaluate their resistance to Differential Power Analysis (DPA) attacks.

TNO ITSEF is the first security evaluation facility to be accredited by CRI to conduct testing under its new DPA Countermeasure Validation Program. Through this program, licensed users of CRI's DPA countermeasure technology will have the right to display the DPA Lock certification mark in connection with products that qualify under the tests conducted by TNO ITSEF. Products displaying the DPA Lock give customers assurance that the chip or card is both licensed and contains tested countermeasures.

"We are pleased to accredit TNO ITSEF as one of the DPA Countermeasure Validation Program’s independent security evaluation laboratories", said Ken Warren, Smart Card Business Manager, Europe. "TNO ITSEF is recognized worldwide for having the very highest standards in security testing and offers its customers the industry-level rigor and quality this program requires".

"We are delighted to be working with leading security experts, such as CRI, in this vital area of smart card protection," said Jan Pieters, CEO from TNO ITSEF. "Defining the scope of evaluation to include more thorough DPA testing will further improve confidence in the security value of smart cards".

Smart cards and other cryptographic devices can be vulnerable to DPA attacks, which can reveal secret keys. Effective countermeasures are required to prevent payment cards, ID cards, and other devices from fraud and abuse. The DPA Countermeasure Validation Program includes a suite of tests specifically designed to analyze the effectiveness of a devices’ DPA countermeasures. Only a select number of the world’s most capable testing labs are expected to be approved to participate.