Are RFC 2104 and FIPS 198 compatible with each other?
Is the FIPS 198 specification of HMAC compatible with the RFC specification for HMAC?
Continue reading Are RFC 2104 and FIPS 198 compatible with each other?
Category Archives: fips
OpenSSL fips self test
I have an application that puts openssl into fips mode by calling FIPS_mode_set, that works ok .
Ny understanding is that also runs fips self test .
How can I see the output for those tests ? Pass/fail/progress ?
I would lik… Continue reading OpenSSL fips self test
SSL/TLS – Certificate chain validation result in "Invalid authentication type: DHE_RSA"
I have an application that connects to a remote web service deployed on HTTPS.
Our application uses FIPS-140 Level-1 for SSL/TLS connectivity, and is based on JCE providers of RSA (the company).
com.rsa.jsse.JsseProvider.Jss… Continue reading SSL/TLS – Certificate chain validation result in "Invalid authentication type: DHE_RSA"
use of PRNG in OpenSSL – fips mode
I am working on a centos based network device , required to pass fips 140-2 level 2.
I plan to use openssl in fips mode and CTR_DRBG will use as PRNG.
will this be enough for meeting NIST SP 800-90 requirments ?
Do I need t… Continue reading use of PRNG in OpenSSL – fips mode
Full Disk Encryption and FIPS
I’ve been tasked to find out what’s required to use BitLocker (or any other FDE method/mechanism) in Windows 10 in “FIPS mode”. This is outside the realm of my expertise (and I’ve advised the client to this fact), but I’ve en… Continue reading Full Disk Encryption and FIPS
In-Memory Database Storage and Security (MemSQL, Spark, Redis, Geode, et al)
There is a growing trend to utilize more In-Memory Storage for a wide variety of use cases from big data analytics (Spark) to faster processing power (MemSQL) to caching (Redis) most frequently accessed data before making a t… Continue reading In-Memory Database Storage and Security (MemSQL, Spark, Redis, Geode, et al)
In-Memory Database Storage and Security (MemSQL, Spark, Redis, Geode, et al)
There is a growing trend to utilize more In-Memory Storage for a wide variety of use cases from big data analytics (Spark) to faster processing power (MemSQL) to caching (Redis) most frequently accessed data before making a t… Continue reading In-Memory Database Storage and Security (MemSQL, Spark, Redis, Geode, et al)
Why aren’t there FIPS level 4 devices on the market?
While searching for a secure USB to use, I came across the Aegis secure key, which has FIPS Level 3 (140-2) security. I believe that it’s the securest flash drive on the market. I found that the highest level is actually leve… Continue reading Why aren’t there FIPS level 4 devices on the market?
FIPS Compliance with HMACSHA1 vs HMACSHA256 / HMACSHA512
My organization has a group policy that is applied to servers enforcing FIPS compliance (Windows AD policy).
In .NET, HMACSHA1 is one of the encryption/hash algorithms that is FIPS compliant. I don’t understand how HMACSHA256 or HMACSHA51… Continue reading FIPS Compliance with HMACSHA1 vs HMACSHA256 / HMACSHA512
HSM maintenance
I have a HSM that is an asset within a information security management system and the help desk team tells me that the device is displaying a critical failure alert. So my questions are: Must I replace the HSM with a new one … Continue reading HSM maintenance