fips – Page 4 – WindowsTechs.com

Is Yubikey HSM2 FIPS Compliant?

Posted on November 20, 2019 by Supreet

I searched for Yubico on this NIST validated modules but found only a module from the Yubico 4 series.
(https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Validated-Modules/Search)

Between Yubikey FIPS vs Yubikey HSM2,… Continue reading Is Yubikey HSM2 FIPS Compliant?→

SSH-KEYGEN with FIPS system

Posted on September 5, 2019 by JohnKubik

I am trying to get an sshkey so I can configure remote ssh between a Windows system and Redhat 7 system.

When I run the ssh-keygen which is in fips mode I can not get the puttygen to accept the imported key pairs.

puttygen…. Continue reading SSH-KEYGEN with FIPS system→

OpenSSL and FIPS module 3.0

Posted on August 21, 2019 by Bemipefe

The version 1.0.2 of OpenSSL which is an LTS version will reach soon the end-of-life. This is the only version to be currently FIPS compliant (through the FIPS module 2.0).

According to the information on the OpenSSL blog the new FIPS mod… Continue reading OpenSSL and FIPS module 3.0→

Yubico, Tufin, & Venmo – Hack Naked News #223

Posted on June 18, 2019 by Security Weekly Productions

This week, prevent the impact of a Linux worm, Yubico recalls FIPS Yubikey tokens after flaw discovered, how fraudulent domains hide in plain site, Samsung reminds rabble to scan smart TV’s for viruses and makes them forget, and the scraping … Continue reading Yubico, Tufin, & Venmo – Hack Naked News #223→

Yubico recalls FIPS Yubikey tokens after flaw found

Posted on June 17, 2019 by John E Dunn

Security token maker Yubico has issued an important advisory affecting high-end versions of its YubiKey authentication key. Continue reading Yubico recalls FIPS Yubikey tokens after flaw found→

What is the open source equivalent to a FIPS 140-2 certification

Posted on June 4, 2019 by Gandalf

What is the open source equivalent to FIPS 140-2?. There are businesses that use it when doing business with government. Since a lot of us wont be doing business with the government, is there a similar standard open to the re… Continue reading What is the open source equivalent to a FIPS 140-2 certification→

How to (Securely) Share Certificates with Your Cloud Security Provider

Posted on May 23, 2019 by Ben Zilberman

Businesses today know they must handle sensitive data with extra care. But evolving cyber threats combined with regulatory demands can lead executives to hold their proverbial security cards close to their chest. For example, they may be reluctant to … Continue reading How to (Securely) Share Certificates with Your Cloud Security Provider→

What is FIPS 140-2 and Why it’s Important

Posted on April 19, 2019 by Orlee Berlove

Encryption is key to keeping sensitive data protected. However, there are a number of algorithms available as well as varying capabilities for providing encryption. As a result, it is inevitably challenging to know which algorithm and security standard… Continue reading What is FIPS 140-2 and Why it’s Important→

Is Blowfish validated against any standards?

Posted on February 27, 2019 by Anders Frey

OWASP ASVS 3.0 V7.7 states the following:

Verify that cryptographic algorithms used by the application have been validated against FIPS 140-2 or an equivalent standard.

Blowfish is not included in NISTs database of FIPS… Continue reading Is Blowfish validated against any standards?→

Hardware-Based Password Manager [closed]

Posted on April 28, 2018 by hikingnola

I’m trying to improve my password management, and I have a vision in mind for a solution. However, I’m having a problem putting it all together or finding a product(s) that fits.
First I would like to find out if my overall specification/s… Continue reading Hardware-Based Password Manager [closed]→