fips – Page 4 – WindowsTechs.com

OpenSSL and FIPS module 3.0

Posted on August 21, 2019 by Bemipefe

The version 1.0.2 of OpenSSL which is an LTS version will reach soon the end-of-life. This is the only version to be currently FIPS compliant (through the FIPS module 2.0).

According to the information on the OpenSSL blog the new FIPS mod… Continue reading OpenSSL and FIPS module 3.0→

Yubico, Tufin, & Venmo – Hack Naked News #223

Posted on June 18, 2019 by Security Weekly Productions

This week, prevent the impact of a Linux worm, Yubico recalls FIPS Yubikey tokens after flaw discovered, how fraudulent domains hide in plain site, Samsung reminds rabble to scan smart TV’s for viruses and makes them forget, and the scraping … Continue reading Yubico, Tufin, & Venmo – Hack Naked News #223→

Yubico recalls FIPS Yubikey tokens after flaw found

Posted on June 17, 2019 by John E Dunn

Security token maker Yubico has issued an important advisory affecting high-end versions of its YubiKey authentication key. Continue reading Yubico recalls FIPS Yubikey tokens after flaw found→

What is the open source equivalent to a FIPS 140-2 certification

Posted on June 4, 2019 by Gandalf

What is the open source equivalent to FIPS 140-2?. There are businesses that use it when doing business with government. Since a lot of us wont be doing business with the government, is there a similar standard open to the re… Continue reading What is the open source equivalent to a FIPS 140-2 certification→

How to (Securely) Share Certificates with Your Cloud Security Provider

Posted on May 23, 2019 by Ben Zilberman

Businesses today know they must handle sensitive data with extra care. But evolving cyber threats combined with regulatory demands can lead executives to hold their proverbial security cards close to their chest. For example, they may be reluctant to … Continue reading How to (Securely) Share Certificates with Your Cloud Security Provider→

What is FIPS 140-2 and Why it’s Important

Posted on April 19, 2019 by Orlee Berlove

Encryption is key to keeping sensitive data protected. However, there are a number of algorithms available as well as varying capabilities for providing encryption. As a result, it is inevitably challenging to know which algorithm and security standard… Continue reading What is FIPS 140-2 and Why it’s Important→

Is Blowfish validated against any standards?

Posted on February 27, 2019 by Anders Frey

OWASP ASVS 3.0 V7.7 states the following:

Verify that cryptographic algorithms used by the application have been validated against FIPS 140-2 or an equivalent standard.

Blowfish is not included in NISTs database of FIPS… Continue reading Is Blowfish validated against any standards?→

Hardware-Based Password Manager [closed]

Posted on April 28, 2018 by hikingnola

I’m trying to improve my password management, and I have a vision in mind for a solution. However, I’m having a problem putting it all together or finding a product(s) that fits.
First I would like to find out if my overall specification/s… Continue reading Hardware-Based Password Manager [closed]→

FIPS 140-2, Level 1 validation vs. compilation

Posted on April 18, 2018 by Markus A.

I’m working on a system that needs to use cryptographic functions that must be FIPS 140-2, Level 1 validated. The challenging part is that some of this system needs to run in the browser. For maintainability reasons and ease … Continue reading FIPS 140-2, Level 1 validation vs. compilation→

Token FIPS 140-2 level 3 with support for Android, iPhone and Web

Posted on April 16, 2018 by Jonathan Barbero

I’m testing a SafeNet 5100 token FIPS 140-2 level 3. It comes with programs to access and manage it, but only for desktop machines.

I would like to create applications that use level 3 tokens. Is there any level 3 token that provides acce… Continue reading Token FIPS 140-2 level 3 with support for Android, iPhone and Web→