Reference Guide

28 The Cryptographic Module
RSA BSAFE Crypto-J JSAFE and JCE Software Module 6.2.5 Security Policy Level 1
with Level 2 Roles, Services and Authentication
By default, all Cryptographic Algorithm tests are run at power-up. However, if
configured to do so, the module will run all of the power-up self-tests when first
loaded in an operational environment, and run only the Software Integrity Test on
subsequent restarts.
1.7.2 Conditional Self-tests
The module performs two conditional self-tests:
• Pair-wise Consistency Tests each time the module generates a DSA, DH, RSA or
  EC public/private key pair.
• Continuous RNG (CRNG) Test each time the module produces random data, as
  per the FIPS 140-2 standard. The CRNG test is performed on all approved and
  non-approved PRNGs (HMAC DRBG, HASH DRBG, CTR DRBG, FIPS186
  PRNG, non-approved entropy source).
1.7.3 Mitigation of Other Attacks
RSA, EC, DSA and DH key operations implement blinding by default. Blinding is a
reversible way of modifying the input data, so as to make the operations immune to
timing attacks. Blinding has no effect on the algorithm other than to mitigate attacks
on the algorithm.
RSA, EC, DSA and DH blinding is implemented through blinding modes, for which
the following options are available:
• Blinding mode off
• Blinding mode with no update, where the blinding value is squared for each
  operation.
For other types of timing attacks, the module implements time-invariant comparisons
and operations, for example, PKCS #1 unpadding, HMAC verify, and RSA verify.
RSA signing operations implement a verification step after private key operations.
This verification step, which has no effect on the signature algorithm, is in place to
prevent potential faults in optimized Chinese Remainder Theorem (CRT)
implementations. For more information, see Modulus Fault Attacks Against
RSA-CRT Signatures.
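
The verification step described above, sketched as an added example (not Crypto-J code and not taken from this policy): textbook RSA-CRT without padding on a constructed toy key, with the computation fault simulated in software. The names `crt_sign`, `checked_sign`, `SignatureFault` and the `fault_in_q_half` switch are hypothetical.

```python
# Added illustration: verify-after-sign for RSA-CRT. Textbook RSA, no padding.
# Constructed toy key built from two Mersenne primes; far too small for real use.
P, Q, E = 2**61 - 1, 2**31 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))        # private exponent (Python 3.8+)
DP, DQ = D % (P - 1), D % (Q - 1)        # CRT exponents
QINV = pow(Q, -1, P)                     # CRT coefficient q^-1 mod p


class SignatureFault(Exception):
    """Raised when a computed signature fails public-key verification."""


def crt_sign(m, fault_in_q_half=False):
    """Raw RSA-CRT private-key operation with Garner recombination."""
    sp = pow(m, DP, P)                   # half-size exponentiation mod p
    sq = pow(m, DQ, Q)                   # half-size exponentiation mod q
    if fault_in_q_half:
        sq ^= 1                          # simulated single-bit fault (assumption)
    h = (QINV * (sp - sq)) % P
    return sq + Q * h


def checked_sign(m, fault_in_q_half=False):
    """Sign, then verify with the public key before releasing the result.

    A faulty CRT result is still correct modulo one prime and wrong modulo
    the other, so it must never leave the signer. The check costs one
    public-key operation and does not change a correct signature.
    """
    s = crt_sign(m, fault_in_q_half)
    if pow(s, E, N) != m % N:
        raise SignatureFault("signature failed verification; not released")
    return s


if __name__ == "__main__":
    M = 0x1234567890ABCDEF               # constructed message representative
    print("good signature:", hex(checked_sign(M)))
    try:
        checked_sign(M, fault_in_q_half=True)
    except SignatureFault as exc:
        print("fault caught:", exc)
```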