Gemplus develops the world's first Identity-Based Encryption for smart cards

Luxembourg and Cartes 2004, Paris, 2 November 2004 - Gemplus International S.A. (Euronext: LU0121706294 - GEM and NASDAQ: GEMP), the world's leading provider of smart card based solutions, announces the development of the first smart-card implementation of Identity-based Encryption, based on the Boneh-Franklin scheme. This is designed to make the secure encryption of confidential messages more secure and user-friendly, and more manageable for large enterprises and telecom operators.

The Boneh-Franklin scheme, invented in 2001, was the first practical and secure protocol for identity-based encryption. Incorporated onto a smart card, it complements PKI (Public Key Infrastructure) by overcoming incompatibilities between the exchange of certificates and system constraints. It works by using the recipient's name, phone number or email address as the public key enabling message encryption or signature verification. Identity-based Encryption (IBE) can typically allow one subscriber to encrypt an SMS for another subscriber, using the receiver's phone number as the public key. The advantage of IBE is that it eliminates the need for complex certificate management inherent to PKI.

"The implementation of such a protocol in a SIM card gets around the time constraints associated with the decryption of the message and makes the whole process much simpler for the end-user and the telecom operator" said David Naccache, Vice-President, Research and Innovation, Gemplus. "The message itself is directly encrypted with the identity of the recipient meaning that he alone can open his messages".

"IBE on a smart card has several important benefits, including the protection of private keys and strong authentication for end-users," said Dan Boneh, Professor of Computer Science, Stanford, co-inventor of IBE and co-founder of Voltage Security, Inc., "We're thrilled to have smart card leader Gemplus working on IBE, and Voltage looks forward to working with Gemplus to bring a joint solution to market."

The availability of identity-based encryption and signature features in future smart cards will greatly increase the ease with which cards could be integrated in IT infrastructures. This level of security is likely to encourage uptake of applications such as mobile transactions whereby the credit card number can be securely encrypted and decrypted only by the intended recipient. For example, if buying tickets to the theatre over the mobile phone, only the theatre company would be able to decrypt the credit card number necessary to complete the transaction.

For more information and a demonstration, visit the Gemplus stand (Hall 3, E2) at Cartes 2004, 2-4 November 2004.

About Gemplus
Gemplus International S.A. (Euronext: LU0121706294 - GEM and NASDAQ: GEMP) is the world's leading player in the smart card industry in both revenue and total shipments (source: Gartner-Dataquest (2004), Frost & Sullivan, Datamonitor.). It has sold over 4 billion smart cards.

With security at its core, and 2400 patents produced by its innovative R&D team, Gemplus delivers a wide range of portable, personalized solutions in areas including Identity, Mobile Telecommunications, Public Telephony, Banking, Retail, Transport, Healthcare, WLAN, Pay-TV, e-government, and access control.

Gemplus' revenue in 2003 was 749 million Euros.

www.gemplus.com

For more information

Jane Strachey
Gemplus PR
Tel: +33 (0) 6 76 49 35 93
e-mail: jane.strachey@gemplus.com

Vanessa Clarke
Edelman Public Relations
Tel: +44 20 7344 1349
e-mail: vanessa.clarke@edelman.com 

©2004 Gemplus. All rights reserved. Gemplus, the Gemplus logo, and SafesITe are trademarks and service marks of Gemplus S.A. and are registered in certain countries. Sun, Java and Java Card are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries. All other trademarks and service marks, whether registered or not in specific countries, are the property of their respective owners.

Some of the statements contained in this release constitute forward-looking statements. These statements relate to future events or our future financial performance and involve known and unknown risks, uncertainties, and other factors that may cause our or our industry's actual results, levels of activity, performance or achievements to be materially different from any future results, levels of activities, performance, or achievements expressed or implied by such forward-looking statements. Actual events or results may differ materially. Although we believe that the expectations reflected in the forward-looking statements are reasonable, we cannot guarantee future results, levels of activity, performance or achievements. Factors that could cause actual results to differ materially from those estimated by the forward-looking statements contained in this release include, but are not limited to: trends in wireless communication and mobile commerce markets; our ability to develop new technology, and the effects of competing technologies developed and expected intense competition generally in our main markets; profitability of our expansion strategy; challenges to or loss of our intellectual property rights; our ability to establish and maintain strategic relationships in our major businesses; our ability to develop and take advantage of new software and services; and the effect of future acquisitions and investments on our share price. Moreover, neither we nor any other person assumes responsibility for the accuracy and completeness of such forward-looking statements. The forward-looking statements contained in this release speak only as of this release. We are under no duty to update any of the forward-looking statements after this date to conform such statements to actual results or to reflect the occurrence of anticipated results.