DOCSLIB.ORG

Security Policy: Informacast Java Crypto Library

Security Policy: Informacast Java Crypto Library

FIPS 140-2 Non-Proprietary Security Policy: InformaCast Java Crypto Library FIPS 140-2 Non-Proprietary Security Policy InformaCast Java Crypto Library Software Version 3.0 Document Version 1.2 June 26, 2017 Prepared For: Prepared By: Singlewire Software SafeLogic Inc. 1002 Deming Way 530 Lytton Ave, Suite 200 Madison, WI 53717 Palo Alto, CA 94301 www.singlewire.com www.safelogic.com Document Version 1.2 © Singlewire Software Page 1 of 35 FIPS 140-2 Non-Proprietary Security Policy: InformaCast Java Crypto Library Abstract This document provides a non-proprietary FIPS 140-2 Security Policy for InformaCast Java Crypto Library. Document Version 1.2 © Singlewire Software Page 2 of 35 FIPS 140-2 Non-Proprietary Security Policy: InformaCast Java Crypto Library Table of Contents 1 Introduction .................................................................................................................................................. 5 1.1 About FIPS 140 ............................................................................................................................................. 5 1.2 About this Document.................................................................................................................................... 5 1.3 External Resources ....................................................................................................................................... 5 1.4 Notices .......................................................................................................................................................... 5 2 InformaCast Java Crypto Module................................................................................................................... 6 2.1 Cryptographic Module Specification ............................................................................................................ 6 2.1.1 Validation Level Detail ............................................................................................................................. 6 2.1.2 Modes of Operation ................................................................................................................................. 6 2.1.3 Module Configuration .............................................................................................................................. 7 2.1.4 Approved Cryptographic Algorithms ....................................................................................................... 9 2.1.5 Non-Approved Cryptographic Algorithms ............................................................................................. 15 2.1.6 Non-Approved Mode of Operation ....................................................................................................... 15 2.2 Critical Security Parameters and Public Keys ............................................................................................. 17 2.2.1 Critical Security Parameters ................................................................................................................... 17 2.2.2 Public Keys ............................................................................................................................................. 19 2.3 Module Interfaces ...................................................................................................................................... 20 2.4 Roles, Services, and Authentication ........................................................................................................... 21 2.4.1 Assumption of Roles .............................................................................................................................. 21 2.4.2 Services .................................................................................................................................................. 22 2.5 Physical Security ......................................................................................................................................... 27 2.6 Operational Environment ........................................................................................................................... 27 2.6.1 Use of External RNG ............................................................................................................................... 27 2.7 Self-Tests .................................................................................................................................................... 28 2.7.1 Power-Up Self-Tests ............................................................................................................................... 28 2.7.2 Conditional Self-Tests ............................................................................................................................ 29 2.8 Mitigation of Other Attacks ....................................................................................................................... 30 3 Security Rules and Guidance ....................................................................................................................... 31 3.1 Basic Enforcement ...................................................................................................................................... 31 3.1.1 Additional Enforcement with a Java SecurityManager .......................................................................... 31 3.1.2 Basic Guidance ....................................................................................................................................... 31 3.1.3 Enforcement and Guidance for GCM IVs ............................................................................................... 32 3.1.4 Enforcement and Guidance for use of the Approved PBKDF ................................................................ 32 3.1.5 Software Installation .............................................................................................................................. 32 4 References and Acronyms ........................................................................................................................... 33 4.1 References .................................................................................................................................................. 33 4.2 Acronyms .................................................................................................................................................... 34 Document Version 1.2 © Singlewire Software Page 3 of 35 FIPS 140-2 Non-Proprietary Security Policy: InformaCast Java Crypto Library List of Tables Table 1 – Validation Level by FIPS 140-2 Section ........................................................................................................... 6 Table 2 – Available Java Permissions ............................................................................................................................. 8 Table 3 – FIPS-Approved Algorithm Certificates .......................................................................................................... 13 Table 4 – Approved Cryptographic Functions Tested with Vendor Affirmation.......................................................... 14 Table 5 – Non-Approved but Allowed Cryptographic Algorithms ............................................................................... 15 Table 6 – Non-Approved Cryptographic Functions for use in non-FIPS mode only .................................................... 16 Table 7 – Critical Security Parameters ......................................................................................................................... 18 Table 8 – Public Keys ................................................................................................................................................... 19 Table 9 – Logical Interface / Physical Interface Mapping ............................................................................................ 21 Table 10 – Description of Roles ................................................................................................................................... 21 Table 11 – Module Services, Roles, and Descriptions.................................................................................................. 24 Table 12 – CSP Access Rights within Services .............................................................................................................. 26 Table 13 – Power-Up Self-Tests ................................................................................................................................... 29 Table 14 – Conditional Self-Tests ................................................................................................................................. 29 Table 15 – References ................................................................................................................................................. 34 Table 16 – Acronyms and Terms.................................................................................................................................. 35 List of Figures Figure 1 – Module Boundary and Interfaces Diagram ................................................................................................. 20 Document Version 1.2 © Singlewire Software Page 4 of 35 FIPS 140-2 Non-Proprietary Security Policy: InformaCast Java Crypto Library 1 Introduction 1.1 About FIPS 140 Federal Information Processing Standards Publication 140-2 — Security

View Full Text

Details

  • File Type
    pdf
  • Upload Time
    -
  • Content Languages
    English
  • Upload User
    Anonymous/Not logged-in
  • File Pages
    35 Page
  • File Size
    -

Download

Channel Download Status
Express Download Enable

Copyright

We respect the copyrights and intellectual property rights of all users. All uploaded documents are either original works of the uploader or authorized works of the rightful owners.

  • Not to be reproduced or distributed without explicit permission.
  • Not used for commercial purposes outside of approved use cases.
  • Not used to infringe on the rights of the original creators.
  • If you believe any content infringes your copyright, please contact us immediately.

Support

For help with questions, suggestions, or problems, please contact us