One of Two NIST–Accepted Encryption Standards

PGP solutions are built on the recognized OpenPGP (RFC 2440 and RFC 3156) standard. PGP encryption is one of two email encryption standards recommended by the National Institute of Standards and Technology (NIST 400-85) available at:
http://csrc.nist.gov/publications/nistpubs/800-45-version2/SP800-45v2.pdf [PDF: 1.35MB].

FIPS Validation of PGP Software
The PGP® Software Development Kit (SDK), which is the core cryptographic technology underlying PGP Universal™ Server and other PGP® products, has been validated to the National Institute of Standards and Technology's (NIST's) Federal Information Processing Standard 140-2.

For more information, please visit http://www.pgp.com/developers/pgp_sdk/fips.html

Purchase Process
Customers should purchase current versions of PGP products from the GSA price list, a PGP reseller, or the PGP website. You will receive a download link and a license number for the current version of the products purchased. An installation CD is also available separately.

S/MIME and Other Government Standards
PGP® technology also supports additional standards for S/MIME (v3), Hashed Message Authentication Code CFR 2104, Advanced Encryption Standard (AES) FIPS 197, TripleDES FIPS 46-3, Digital Signature Algorithm (DSA) FIPS 186-2, and Secure Hash Algorithm (SHA) FIPS180-1 and FIPS 180-2.

Email Security Requirement Under FISMA
PGP Universal secures and digitally signs email as required by the GSA's E-Government initiative and to comply with the Federal Information Security Management Act (FISMA). It also enables agencies to comply with Federal Bridge Certificate Authority (FBCA) and Federal Public Key Infrastructure (FPKI).

Adds Email Security to PKI Investments
PGP Universal extends existing PKI investments, using existing X.509 certificates, by adding automatic, transparent secure email and digital signatures. PGP Universal can bridge the gap between incompatible PKI implementations.

PGP Universal for Government Agencies
PGP Universal moves security from the user to the network through a next-generation "automatic encryption proxy." IT can enforce encryption policies without relying on user intervention or incurring desktop software, training, or support costs. PGP Universal provides automatic key creation and management as well as automatic encryption, decryption, and digital signatures.

PGP Universal provides interoperability between S/MIME/X.509 and PGP/MIME architectures. It features LDAP-based certificate storage and retrieval, FBCA or subsidiary Certificate Authority (CA) capabilities, and broad CA interoperability. PGP Universal supports MAPI and IBM/Lotus Notes and is compatible with existing PGP Desktop solutions.

Request Information
If you would like more information about PGP government programs, please email us at gov-program@pgp.com, call us at 1 571 297 1508, or fill out and submit the form below.