Reference Guide
Crypto-C ME Cryptographic Toolkit 25
RSA BSAFE Crypto-C Micro Edition 4.1.4 Security Policy Level 1
1.5.2 FIPS 140-2-allowed Algorithms
The following table lists the Crypto-C ME FIPS 140-2-allowed algorithms, with
appropriate standards.
Table 5 Crypto-C ME FIPS 140-2-allowed Algorithms
Algorithm Type Algorithm Standard
Asymmetric Key
DH
1
• Key Pair Generation Domain Parameter Size sets:
2048 bits <= L <= 8192 bits and N >= 224 bits
1
Not compliant with SP 800-56A. Allowed in an FIPS 140-2 approved mode of operation during the SP 800-131A
transition as amended by the NIST CMVP notice dated [Oct-31-2017] 'Transition Plans for Key Establishment
Schemes using Public Key Cryptography'.
IEEE P-1363
Key Agreement
Primitives
ECC
• Primitive: EC Diffie-Hellman
1
• Curves: B-233, B-283, B-409, B-571, K-233, K-283,
K-409, K-571, P-224, P-256, P-384, P-521
IG D.8
SECG SEC 1
FFC
• Primitive: Diffie-Hellman
1
• Domain Parameter Size sets:
2048 bits <= L <= 8192 bits and N >= 224 bits
IG D.8
IEEE P-1363
Key
Encapsulation
RSA PKCS #1 v1.5 key decryption
Modulus sizes: 2048 to 15360 in increments of 256 bits
IG D.9
RFC 2313
Message Digest
MD5
2
• As part of an approved key transport scheme, for
example, TLS 1.0, where no security is provided by
the MD5 algorithm.
2
MD5 is allowed in the FIPS140-2 approved mode of operation for a purpose that is not security relevant or is
redundant to an approved cryptographic algorithm. See section 4.2.1 of SP 800-135 Rev. 1 and IG 1.23
SP 800-135 Rev. 1
RFC 2246
RFC 4346
Random Number Non-deterministic Random Number Generator (NDRNG)
Entropy source to seed the random number generator.
IG G.13