Reference Guide

Crypto-C ME Cryptographic Toolkit 3

RSA BSAFE Crypto-C Micro Edition 4.1 Security Policy

Level 1

2 Crypto-C ME Cryptographic Toolkit

Crypto-C ME is designed with the ability to optimize code for different processors,

and specific speed or size requirements. Assembly-level optimizations on key

processors mean Crypto-C ME algorithms can be used at increased speeds on many

platforms.

Crypto-C ME offers a full set of cryptographic algorithms including asymmetric key

algorithms, symmetric key block and stream algorithms, message digests, message

authentication, and Pseudo Random Number Generator (PRNG) support. Developers

can implement the full suite of algorithms through a single Application Programming

Interface (API) or select a specific set of algorithms to reduce code size or meet

performance requirements.

Note: When operating in a FIPS 140-2-approved manner, the set of available

algorithms cannot be changed.

2.1 Cryptographic Module

Crypto-C ME is classified as a multi-chip standalone cryptographic module for the

purposes of FIPS 140-2. As such, Crypto-C ME must be tested on a specific operating

system and computer platform. The cryptographic boundary includes Crypto-C ME

running on selected platforms running selected operating systems while configured in

“single user” mode. Crypto-C ME is validated as meeting all FIPS 140-2 Level 1

security requirements.

Crypto-C ME is packaged as a set of dynamically loaded modules or shared library

files containing the module's entire executable code. The Crypto-C ME toolkit relies

on the physical security provided by the host PC in which it runs.