Manualshelf

Reference Guide

ManualsBrandsDell ManualsBSAFEBSAFE Crypto-J
21222324252627282930
22 Secure Operation of Crypto-C ME
RSA BSAFE Crypto-C Micro Edition 4.1 Security Policy
Level 1
3 Secure Operation of Crypto-C ME
This section provides an overview of how to securely operate Crypto-C ME in
compliance with the FIPS 140-2 standards.
3.1 Crypto Officer and Crypto User Guidance
The Crypto Officer and Crypto User must only use algorithms approved for use in a
FIPS 140 mode of operation, as listed in Table 4 on page 18. The requirements for
using the approved algorithms in a FIPS 140 mode of operation are as follows:
Two-key Triple-DES encryption is restricted. From January 1, 2011 through to
December 31, 2015, the total number of blocks of data encrypted with the same
cryptographic key shall not be greater than 2
20
(a block is the 64-bit block of a
Triple-DES encryption operation). This restriction also applies to those keys first
used prior to 2011 and continue to be used beyond December 31, 2010.
After December 31, 2015, two-key Triple DES shall not be used for encryption.
Two-key Triple-DES decryption is allowed for legacy-use after 2010.
The length of a DSA key pair for digital signature generation and verification
must be either 2048 or 3072 bits. For digital signature verification, 1024 bits is
allowed for legacy-use.
The length of an RSA key pair for digital signature generation and verification
must be a multiple of 512 between 2048 and 4096 bits, inclusive. For digital
signature verification, a multiple of 512 greater than or equal to 1024 and less than
2048 bits is allowed for legacy-use.
The key length for an HMAC generation or verification must be between 112 and
4096 bits, inclusive. For HMAC verification, a key length greater than or equal to
80 and less than 112 is allowed for legacy-use.
EC key pairs must have named curve domain parameters from the set of
NIST-recommended named curves: P224, P256, P384, P521, B233, B283, B409,
B571, K233, K283, K409, and K571. Named curves P192, B163, and K163 are
allowed for legacy-use.
When using RSA for key wrapping, the strength of the methodology is between
112 and 150 bits of security.
The Diffie-Hellman shared secret provides between 112 and 150 bits of security.
EC Diffie-Hellman primitives must use curve domain parameters from the set of
NIST-recommended named curves. Using NIST-recommended curves, the
computed Diffie-Hellman shared secret provides between 112 and 256 bits of
security.
When using an approved RNG to generate keys, the requested security strength
for the RNG must be at least as great as the security strength of the key being
generated.