Information Security Corporation (ISC) is headquartered in Deerfield, IL with development offices located in Oak Park, IL and Santa Cruz, CA. The company was founded in 1989 by Thomas Venn and Michael Markowitz to develop and market data security products based on public key cryptography. For several years ISC focused on the Federal Government market, but in the last few years has become increasingly involved in the private sector.

ISC specializes in the design and development of standards-conforming conventional and public key encryption and authentication software. ISC offers implementations of all popular cryptographic algorithms including: the Advanced Encryption Standard (AES), the Data Encryption Standard (DES), Triple DES (TDES), the ElGamal and Rivest-Shamir-Adleman (RSA) public key cryptosystems, the NIST Digital Signature Standard (DSA), Diffie-Hellman key exchange, the NIST Secure Hash Standards (SHA-1, SHA-256/384/512), Internet MD2/MD4/MD5 message digests, IEEE 32-bit CRC, etc.

ISC's DSA, AES, TDES, DES, EES, and SHA-1 implementations have been certified by NIST for compliance with all relevant Federal Information Processing Standards. CDK 7.0, the cryptographic module on which all of our current products are based, has recently been awarded FIPS 140-1 Validation Certificate No. 347 by NIST and the Communication Security Establishment (CSE) of the Government of Canada..

ISC offers a family of shrink-wrapped security applications as well as linkable object module libraries called Cryptographic Development Kits (CDKs). The latter are available as Windows Dynamic Link Libraries (DLLs) or COM objects, or as object module libraries for various UNIX platforms. The CDK is also offered in the form of a CDSA 1.2 CSP for Windows NT and the HP-UX 11.0 operating system. Hewlett-Packard has licensed this CSP for redistribution to all HP-UX 11 licensees.

After several years of participation in the IEEE 1363 standards process, ISC implemented Elliptic Curve Cryptography (ECC) and currently uses it in CertAgent and SecretAgent. It is also available to developers as part of our CDKs.

The company's popular SecretAgent product débuted in 1991. The fully PKI-enabled 5.0 release became available in 1999. SecretAgent supports X.509 certificates and CRLs from a variety of commercial Certificate Authorities (CAs) and offers the latest in encryption and digital signature technology to ensure the confidentiality, integrity, and authenticity of your data. SecretAgent also offers an optional key recovery scheme. This product is widely used throughout the Federal government as well as by numerous Fortune 100 corporations.

In 1998, ISC was tasked by the NSA to develop the first commercial "software FORTEZZA" product, i.e., a version of SecretAgent that supported MSP version 1 certificates and used the NIST EES ("Skipjack") for bulk encryption and the DoD-classified KEA algorithm for key exchange. NSA demonstrated ISC's solution at a TechNet conference, showing it to be fully interoperable with a hardware-based system using a FORTEZZA PCMCIA card.

ISC introduced its SecurePhone product in 1999. SecurePhone allows two communicants to carry on secure, authenticated, full-duplex voice conversations over the Internet (using any existing TCP/IP stack) or over an ordinary telephone line (using a modem). CertAgent, an affordable, fully functional certificate authority software package, was release in 2001.

A sampling of cryptographic projects in which ISC has been involved:

• Developed the smartcard-based "release authenticator" (digital signature/validation capability) used by the Navy in early generation releases of the NCTS GateGuard system (now run by DISA) (GateGuard information)

• Provided dsaSign to Lockheed for use in the protection of F-22 avionics

• Developed a custom version of SecretAgent integrated by Unisys into the FAA's AeroMedical Examiner's Program

• Participated in the FORTEZZA design process and implemented software FORTEZZA for NSA (Litronic press release on ISC's software FORTEZZA effort)
  
  
• Received Vice President Al Gore's Hammer Award for the GSA's use of a token-based version of dsaSIGN in the FTS2001 Electronic Bid Process (GSA announcement)
                                        
  

• Contributed all security modules for the Key Recovery Demonstration Projects run by both the FBI and the SBA (NIST KRDP information)
  
  
• Developed for AT&T and Hewlett-Packard the Praesidium CDSA 1.2 CSPs for HP-UX 11; subsequently licensed 400,000 copies to HP
  
  
• Designed and developed an S/MIME-based NetPost Certified Electronic PostMark (EPM) client for the USPS (USPS/AT&T/IBM press release)
  
  
• Designed (with Booz-Allen-Hamilton), and implemented for DoD, a central key generation and private encryption key escrowing module for Netscape CMS
  
  
• Designed (with Booz-Allen-Hamilton), and implemented for the U.S. intelligence community, a utility that manages PKI credentials in a largely user-transparent manner; this utility is now sold commercially as the ISC CMU