Reference Guide

Crypto-C ME Cryptographic Toolkit
RSA BSAFE Crypto-C Micro Edition 4.1.4 Security Policy Level 1
with Level 2 Roles, Services and Authentication
1.6.2 Conditional Self-tests
Crypto-C ME performs two conditional self-tests:
• A pair-wise consistency test each time Crypto-C ME generates a DH, DSA, RSA,
  or ECC public/private key pair.
• A Continuous Random Number Generation (CRNG) test each time the toolkit
  produces random data, as per the FIPS 140-2 standard. The CRNG test is
  performed on all approved and non-approved PRNGs (CTR DRBG,
  HMAC DRBG, NDRNG (Entropy), non-approved RNG (FIPS 186-2) and
  non-approved RNG (OTP)).
DRBG tests are run during instantiation, random generation, and re-seeding by the
toolkit.
1.6.3 Mitigation of Other Attacks
Table 7 describes the mechanisms employed to mitigate attacks
that might prevent proper operation of the module.
Blinding:
RSA key operations implement blinding, a reversible way of modifying the input data,
so as to make the RSA operation immune to timing attacks. Blinding has no effect on
the algorithm other than to mitigate attacks on the algorithm. Blinding is implemented
through blinding modes, and the following options are available:
• Blinding mode off.
• Blinding mode with no update, where the blinding value is constant for each
  operation.
• Blinding mode with full update, where a new blinding value is used for each
  operation.
RSA signing operations implement a verification step after private key operations.
This verification step, which has no effect on the signature algorithm, is in place to
prevent potential faults in optimized Chinese Remainder Theorem (CRT)
implementations. For more information, see "Modulus Fault Attacks Against
RSA-CRT Signatures".
Table 7 Mitigation of Other Attacks

Attack                               Mitigation Mechanism
-----------------------------------  -------------------------------
Timing Attack on RSA                 Blinding
Padding Oracle Attack on PKCS #1     Constant time padding operation
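
The two RSA mitigations described above (blinding with a fresh value per operation, and verification after the private key operation), shown as an added Python example that is not Crypto-C ME code. The toy key, the function names and the simulated fault are assumptions made for illustration, and the message is treated as an already padded integer.

```python
import secrets
from math import gcd

# Constructed toy key (two Mersenne primes); far too small for real use.
P, Q, E = 2**61 - 1, 2**89 - 1, 65537
N = P * Q
D = pow(E, -1, (P - 1) * (Q - 1))
DP, DQ, QINV = D % (P - 1), D % (Q - 1), pow(Q, -1, P)


def crt_private_op(c, fault=False):
    """Raw RSA private-key operation using CRT (Garner recombination)."""
    sp = pow(c, DP, P)
    sq = pow(c, DQ, Q)
    if fault:  # hypothetical switch: simulate a computation fault in the mod-P half
        sp ^= 1
    h = (QINV * (sp - sq)) % P
    return sq + h * Q


def new_blinding_pair():
    """Pick random r coprime to N; return (r^E mod N, r^-1 mod N)."""
    while True:
        r = secrets.randbelow(N - 2) + 2
        if gcd(r, N) == 1:
            return pow(r, E, N), pow(r, -1, N)


def sign(m, fault=False):
    """Blinded CRT signing with verification before release.

    A fresh pair per call corresponds to the 'full update' mode; reusing
    one pair across calls would correspond to the 'no update' mode.
    """
    blind, unblind = new_blinding_pair()
    # (m * r^E)^D = m^D * r (mod N), so multiplying by r^-1 recovers m^D.
    s = (crt_private_op((m * blind) % N, fault) * unblind) % N
    # Verification step: a faulty CRT result never leaves this function.
    if pow(s, E, N) != m % N:
        raise ValueError("signature failed verification; not released")
    return s
```

Blinding changes only the value fed to the private key operation, so the released signature is identical to the unblinded one; the verification step costs one public-exponent exponentiation per signature.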