fips – Page 6 – WindowsTechs.com

How to upgrade openssl 1.1.0e to openssl fips 2.0.x version in linux?

Posted on January 4, 2018 by korayguney

I am working with legacy code of a Broker that has 1.1.0e openssl version. I have to integrate a FIPS compliant openssl library to the Broker. So I have downloaded “openssl-fips-2.0.16” from OpenSSL web site . When I check th… Continue reading How to upgrade openssl 1.1.0e to openssl fips 2.0.x version in linux?→

Weighing options for personal HSM?

Posted on December 20, 2017 by rob

I’m trying to weigh my options for a personal HSM. I wish to store both passwords and private PGP keys. I’ve been doing my research but I’m not a security expert and am feeling slightly overwhelmed; please educate me.

This … Continue reading Weighing options for personal HSM?→

What are vendor affirmed algorithms in FIPS 140-2

Posted on November 21, 2017 by aviator

FIPS 140-2 allows FIPS approved algorithms to be either tested by CAVP or to be vendor affirmed. What does “vendor affirmed” imply here? Can I say my AES implementation as vendor affirmed and get it added to the FIPS certific… Continue reading What are vendor affirmed algorithms in FIPS 140-2→

What are "two independent internal actions" referred in FIPS 140-2

Posted on November 2, 2017 by aviator

If a cryptographic module implements a bypass capability, where
services are provided without cryptographic processing (e.g., transferring plaintext through the
module without encryption), then two independent internal… Continue reading What are "two independent internal actions" referred in FIPS 140-2→

PRNG Weakness Reflects Poorly on Government Crypto Certification

Posted on October 24, 2017 by Lucian Constantin

Security researchers discovered that the pseudorandom number generator that underpins cryptographic operations in Fortinet appliances and products from other 11 other vendors rendered encrypted traffic vulnerable to snooping for years. The affected pro… Continue reading PRNG Weakness Reflects Poorly on Government Crypto Certification→

DUHK Attack Exposes Gaps in FIPS Certification

Posted on October 24, 2017 by Michael Mimoso

The DUHK Attack leverages a 20-year-old random number generator flaw to recover private keys. More pertinent, researchers said, is that the flaw exposes gaps in the FIPS certification process. Continue reading DUHK Attack Exposes Gaps in FIPS Certification→

Generating RSA keys per the FIPS 186-4 standard

Posted on September 18, 2017 by Dan

my company is trying to get our OpenSSL 1.0.2l software (it’s compiled in FIPS mode with the FIPS canister) FIPS certified, but I am having difficulty generating RSA keys according to the FIPS 186-4 testing format specified i… Continue reading Generating RSA keys per the FIPS 186-4 standard→

Is Windows certificate store FIPS 140-2 level 1 certified?

Posted on September 8, 2017 by Jaime Hablutzel

I’m not really aware of FIPS 140-2 requirements, but AFAIK some MS cryptographic libraries are FIPS 140-2 level 1 certified, so here it goes my question:

If I do have the following requirement:

Signature private keys has to be stored … Continue reading Is Windows certificate store FIPS 140-2 level 1 certified?→

Windows 10 FIPS140 Bitlocker without using System Cryptography policy

Posted on July 10, 2017 by Ben Butzer

We have an app that makes use of Non FIPS compliant AES256 System.Cryptography calls. My question is, can Bitlocker be FIPS140 compliant on a PC, but not need the FIPS algorithm set for .NET calls?

For the U.S. Government (V… Continue reading Windows 10 FIPS140 Bitlocker without using System Cryptography policy→

Microsoft CryptoAPI FIPS 140-2

Posted on June 8, 2017 by Eugene

My customer asks me to use FIPS 140-2 validated cryptographic libraries.
Currently I have AES 256 encryption using Microsoft CryptoAPI in my application. First I get the provider (HCRYPTPROV) using CryptAcquireContext with MS… Continue reading Microsoft CryptoAPI FIPS 140-2→