Reference Guide
Secure Operation of Crypto-C ME 37
RSA BSAFE Crypto-C Micro Edition 4.1.4 Security Policy Level 1
with Level 2 Roles, Services and Authentication
RFC 5288, are generated deterministically by the module using an 64-bit
global counter within the module. The module uses the current system
time to initialize the counter when it is first used. The module user must
ensure the system time is valid to prevent repetition of IVs.
– In case the power to the module is lost and then restored, a new key must be
used for AES GCM encryption/decryption.
– AES in XTS mode is approved only for hardware storage applications.
The two keys concatenated to create the single double-length key must be
checked to ensure they are different. This is the default for the module.
If the check is turned off by calling
R_CR_set_info() with
R_CR_INFO_ID_CIPHER_XTS_KEY_CHECK, AES in XTS mode is not
FIPS 140-2-approved.
– The following restrictions apply to the use of Triple-DES. For:
• Two-key Triple-DES:
• The use of two-key Triple-DES for encryption is disallowed.
• Decryption using two-key Triple-DES is allowed for legacy-use
The user should determine the risk of accepting the decrypted
information when processing more than 2
20
blocks of data encrypted
using two-key Triple-DES.
For more information about the use of two-key Triple-DES, see
SP 800-131A Rev 1.
– Three-key Triple-DES:
• The use of three-key Triple-DES is approved.
• The user is responsible for ensuring the same Triple-DES key has a limit
of:
• 2
20
64-bit data block encryptions when keys are generated as part of
one of the recognized IETF protocols.
• 2
16
64-bit data block encryptions otherwise.
– For more information about the use of three-key Triple-DES, see
SP 800-67 Rev. 2.