Collaborate Disseminate
We are currently using ForgeRock as an Identity and Access Management solution, this is being hosted on Infrastructure-as-a-Service machines in Azure, i.e. Virtual Machine Scale Sets. There is a requirement to protect the pr… Continue reading Is it possible to configure the Java Cryptography Architecture to use Azure Key Vault as a crypto provider?
I am working with legacy code of a Broker that has 1.1.0e openssl version. I have to integrate a FIPS compliant openssl library to the Broker. So I have downloaded “openssl-fips-2.0.16” from OpenSSL web site . When I check th… Continue reading How to upgrade openssl 1.1.0e to openssl fips 2.0.x version in linux?
I’m trying to weigh my options for a personal HSM. I wish to store both passwords and private PGP keys. I’ve been doing my research but I’m not a security expert and am feeling slightly overwhelmed; please educate me.
FIPS 140-2 allows FIPS approved algorithms to be either tested by CAVP or to be vendor affirmed. What does “vendor affirmed” imply here? Can I say my AES implementation as vendor affirmed and get it added to the FIPS certific… Continue reading What are vendor affirmed algorithms in FIPS 140-2
If a cryptographic module implements a bypass capability, where
services are provided without cryptographic processing (e.g., transferring plaintext through the
module without encryption), then two independent internal… Continue reading What are "two independent internal actions" referred in FIPS 140-2
Security researchers discovered that the pseudorandom number generator that underpins cryptographic operations in Fortinet appliances and products from other 11 other vendors rendered encrypted traffic vulnerable to snooping for years. The affected pro… Continue reading PRNG Weakness Reflects Poorly on Government Crypto Certification
The DUHK Attack leverages a 20-year-old random number generator flaw to recover private keys. More pertinent, researchers said, is that the flaw exposes gaps in the FIPS certification process. Continue reading DUHK Attack Exposes Gaps in FIPS Certification
my company is trying to get our OpenSSL 1.0.2l software (it’s compiled in FIPS mode with the FIPS canister) FIPS certified, but I am having difficulty generating RSA keys according to the FIPS 186-4 testing format specified i… Continue reading Generating RSA keys per the FIPS 186-4 standard
I’m not really aware of FIPS 140-2 requirements, but AFAIK some MS cryptographic libraries are FIPS 140-2 level 1 certified, so here it goes my question:
If I do have the following requirement:
Signature private keys has to be stored … Continue reading Is Windows certificate store FIPS 140-2 level 1 certified?
We have an app that makes use of Non FIPS compliant AES256 System.Cryptography calls. My question is, can Bitlocker be FIPS140 compliant on a PC, but not need the FIPS algorithm set for .NET calls?
For the U.S. Government (V… Continue reading Windows 10 FIPS140 Bitlocker without using System Cryptography policy