Secure64 Earns FIPS Level-2 Certification

Secure64 DNS Signer is the first commercial DNSSEC software appliance certified to Level 2, according to the company

December 3, 2009

3 Min Read


DENVER " December 1, 2009 " Secure64 Software Corporation today announced that the company's Secure64 DNS Signer software appliance will receive FIPS 140-2 Level 2 certification from the National Institute of Standards and Technology (NIST) and the Communications Security Establishment Canada (CSEC). Secure64 DNS Signer is the first commercial DNSSEC software appliance certified to Level 2. U.S. federal agencies are required to utilize only FIPS-certified products in any federal system that uses cryptography to protect sensitive or valuable information.

"This FIPS certification recognizes the security inherent in Secure64's architecture, which is able to store sensitive information online safely. By combining this security with high speed cryptography, our DNSSEC signing software is able to offer better cryptographic security and performance than other software solutions without the added cost and complexity of cryptographic hardware," said Steve Goodbarn, Secure64 CEO.

FIPS 140-2 is a NIST standard for cryptographic security that defines four levels of compliance ranging from Level 1 to Level 4. Level 1 certification provides assurance that the most basic security requirements have been met, while security requirements become more stringent as the certification levels increase. DNSSEC products use cryptographic digital signatures to protect the DNS, so FIPS 140-2 certification is a good measure of the degree of private key protection provided. No software cryptographic module has ever been certified to Level 3 or 4.

"FIPS certification is increasingly an important foundational technology requirement to drive adoption across the federal government marketplace," said Rishi Sood, Research Vice President at Gartner.

Public key cryptography is commonly used in computer systems to ensure the authenticity, integrity or confidentiality of data communicated across a network. Trust in the security of network communications depends on the degree of security those computer systems provide to protect their cryptographic keys. Without sufficient security, messages could easily be forged or confidential information intercepted.

"Most of our competitors simply use the cryptographic module that ships with the underlying operating system, or an OpenSSL cryptographic module," said Joe Gersch, Secure64 COO and nationally-recognized DNSSEC expert. "These modules may have been certified by NIST to Level 1, but the version of the module that was certified may or may not be the one actually used by the vendor. In contrast, Secure64 DNS Signer actually met the requirements for Level 3 in four of ten categories, and provides mitigation of attacks beyond what is required for certification. This means our software provides significantly more cryptographic security than any other commercial DNSSEC signing software available today."

For more information about DNSSEC and Secure64 DNS Signer, visit

About Secure64 Software Corporation

Headquartered in Greenwood Village, Colorado, Secure64' is a software company offering high-performance DNS server software that makes the DNS trustworthy and secure. Secure64 currently offers two DNS solutions based on the company's patented technology. Secure64 DNS Signer is the first DNSSEC appliance to make DNSSEC deployment simple and secure. Secure64 DNS Authority is secure DNS server software that is available at all times -" even during network attacks or restarts. For more information, visit

Keep up with the latest cybersecurity threats, newly discovered vulnerabilities, data breach information, and emerging trends. Delivered daily or weekly right to your email inbox.

You May Also Like

More Insights