Release Notes
Algorithms and Key Sizes 21
RSA BSAFE Crypto-C Micro Edition 4.1.4 Release Notes
Random Bit
Generator
CTR DRBG
• AES-CTR mode with 128, 192, and 256-bit key sizes.
SP 800-90A
Rev. 1
HMAC DRBG Modes
• SHA-1, SHA-224, SHA-256, SHA-384, SHA-512,
SHA-512/224, SHA-512/256
• SHA3-224, SHA3-256, SHA3-384, SHA3-512
SP 800-90A
Rev. 1
FIPS 202
Symmetric
Cipher
AES
• CBC, CFB 128-bit, ECB, OFB 128-bit, and CTR modes with 128,
192, and 256-bit key sizes
• CCM modes with 128, 192, and 256-bit key sizes
• GCM mode with automatic internally generated IV with 128, 192,
and 256-bit key sizes
• XTS mode with 128 and 256-bit key sizes.
SP 800-38A
SP 800-38C
SP 800-38D
SP 800-38E
Triple-DES (three key)
• ECB, CBC, CFB 64-bit, and OFB 64-bit modes
SP 800-67,
SP 800-38A
1
A 3072-bit modulus is not tested by the CAVP but is approved for use in the FIPS 140-2 approved mode of operation.
RSA affirms correct implementation of RSADP and RSASP1 with a 3072-bit modulus.
2
Elliptic Curve Cryptography (ECC); the public-key cryptographic methods using operations in an elliptic curve
group. ECC keys are used in several algorithms including ECDSA, ECDH and ECDHC.
3
Finite Field Cryptography (FFC); the public-key cryptographic methods using operations in a multiplicative group of
a finite field. FFC keys are used in algorithms including DSA and Diffie-Hellman.
4
CMVP KAS certificates show compliance with the original version of SP 800-56A. RSA affirms compliance with SP
800-56A Rev. 2 as detailed in IG D.1-rev2.
5
All schemes were tested with single step concatenation KDF and key confirmation.
6
As defined in SP 800-132, PBKDF2 can be used in FIPS 140-2 approved mode of operation when used with FIPS
140-2-approved symmetric key and message digest algorithms.
Table 2 Crypto-C ME FIPS 140-2-approved Algorithms (continued)
Algorithm
Type
Algorithm and approved parameter/modulus/key sizes Standard