splash

Home > Solutions > PGP Approvals, Validations, and Certifications

PGP Approvals, Validations, and Certifications

Independent and third-party approvals and certifications

PGP Corporation works with global third-party and independent certificate and approval organizations to provide products and solutions that meet the required assurance and compliance requirements of our customers.

PGP Encryption Platform

PGP® solutions include all data encryption applications in one PGP® Encryption Platform.
Deploy the platform once and then activate encryption applications as needed.

FIPS Validation

The PGP® Software Development Kit (SDK), which is the core cryptographic technology underlying PGP Universal™ Server and other PGP® products, has been validated to the National Institute of Standards and Technology's (NIST's) Federal Information Processing Standard 140-2. FIPS 140-2 validation provides independent assurance that the standard cryptographic algorithms used within the PGP SDK and other security-critical functions throughout the PGP SDK, such as key handling, are implemented correctly.

The SDK is at the heart of PGP products including: PGP® Whole Disk Encryption, PGP® NetShare, PGP® Command Line, PGP Universal Server.

The PGP SDK provides the cryptography for PGP® Whole Disk Encryption, PGP® NetShare, PGP® Desktop, PGP Universal™, and PGP® Command Line. PGP SDK 3.10.3, PGP SDK 3.11.0, and PGP SDK 3.12 are FIPS 140-2 validated.

Links for verification of validation:

  • For PGP SDK 3.10.3 and PGP SDK 3.11.0, see cert #1049, dated 12/3/2008 NIST website.
  • For PGP SDK 3.12.0, see cert #1101, dated 3/26/2009 at the NIST website

Details and history of previous validations can be found at: PGP SDK FIPS Validation.
Common Criteria

The Common Criteria is an international evaluation program of IT security products and systems.

Common Criteria evaluation results are recognized by 25 countries, including the United States of America, the United Kingdom, France, Germany, and Canada. The following products completed Common Criteria certification:

  • PGP Whole Disk Encryption v9.10 - EAL 4+
  • PGP Encrypted Email v9.10 - EAL2
The CESG Assisted Products Service (CAPS)

The CESG Assisted Products Service (CAPS) is a service for companies interested in commercial risk developments for the UK government market. CAPS links the cryptographic knowledge of CESG, the UK national technical authority for information assurance, with the private sector's expertise and resources. CAPS helps private sector companies to develop cryptographic products for use by Her Majesty's Government (HMG) and other appropriate organisations in the UK. A Consultancy and Advice contract gives companies access to CESG knowledge, skills and experience in the field of Information Assurance, supplemented by a range of guidance documentation. CAPS vendors may incorporate appropriate CESG cryptographic or public domain algorithms in their products and submit them for evaluation by CESG. When approved, these products may be advertised as suitable for purchase by HMG and the UK public sector. You can find more information at http://www.cesg.gov.uk/products_services/iacs/caps/index.shtml

PGP Whole Disk Encryption (Windows) is CAPS-approved, and PGP® Desktop Email is currently being evaluated for CAPS approval.



Browse Solutions

Powerful protection, yet simple to deploy and use, extensible PGP solutions meet a variety of needs. Find out what’s right for you: select a role, industry or compliance issue at the right.

News More

16 Dec PGP® Whole Disk Encryption Approved for Use within UK Government

09 Dec SC Magazine Selects PGP Corporation as an Innovator in Encryption in 2008

08 Dec PGP Universal™ Server with Gateway Email and Key Management Awarded Common Criteria Certification

Related Links