Difference between revisions of "Why you need to use a FIPS 140-2 validated cryptomodule"

From OWASP
(New page: == Why you need to use a FIPS 140-2 validated cryptomodule == The OWASP ASVS includes verification requirements that prescribe the use of a FIPS 140-2 validated cryptomodule. The applicab...)
 
 
(10 intermediate revisions by 2 users not shown)
Line 1: Line 1:
== Why you need to use a FIPS 140-2 validated cryptomodule ==
+
If you are performing an application security verification according to the [[::Category:OWASP_Application_Security_Verification_Standard_Project |OWASP Application Security Verification Standard (ASVS)]] verification requirements, you will need to make sure that any cryptographic functions are being performed by a FIPS 140-2 validated cryptomodule.
  
The OWASP ASVS includes verification requirements that prescribe the use of a FIPS 140-2 validated cryptomodule. The applicable ASVS requirement reads in part:
 
  
''"V7.1: Verify that cryptographic modules used by the application have been validated against FIPS 140-2 ..."''
+
[[Image:Asvs_cryptomodule.gif|thumb|350px|right|Cryptomodule Parts and Operation]]
 +
A cryptomodule, whether it is a software library or a hardware device, basically consists of three parts:
  
This is an important requirement for both public and private sector applications. A validated cryptomodule is... The requirement to use a validated cryptomodule was included in the standard to ensure that...
 
  
== How to find out if the cryptomodule(s) that you are using is (are) FIPS 140-2 validated ==
+
*Components that ''implement cryptographic algorithms'' (symmetric and asymmetric algorithms, hash algorithms, random number generator algorithms, and message authentication code algorithms)
  
Here is how you can find out if the cryptomodule(s) that you are using is (are) FIPS 140-2 validated...
+
*Components that ''call and manage cryptographic functions'' (inputs and outputs include cryptographic keys and so-called critical security parameters)
  
CMVP module validation lists: http://csrc.nist.gov/groups/STM/cmvp/validation.html
+
*A ''physical container around the components'' that implement cryptographic algorithms and the components that call and manage cryptographic functions
  
== How to find out if the cryptomodule(s) that you are using is (are) operating in an approved or in an allowed mode ==
 
  
Here is how you can find out if your validated cryptomodule(s) is (are) operating in an approved or in an allowed mode...  
+
The security of a cryptomodule and its services depends on the correct implementation and integration of ''each'' of these three parts. While most folks understand that implementing cryptographic algorithms correctly is a hard thing to do, most do not understand that calling and managing cryptographic functions and their inputs and outputs, and ensuring the secure construction of the physical container around the components, are equally important in determining the security of a cryptomodule and its services.
  
== References ==
 
  
For more information...
+
Using a FIPS 140-2 validated cryptomodule provides a greater chance that the cryptomodule is providing the services that you are expecting from it.
  
CMVP: http://csrc.nist.gov/groups/STM/cmvp/index.html
 
  
CAVP: http://csrc.nist.gov/groups/STM/cavp/index.html
+
References:
  
== Postscript ==
+
*CMVP: http://csrc.nist.gov/groups/STM/cmvp/index.html
 
+
*CAVP: http://csrc.nist.gov/groups/STM/cavp/index.html
+
 
+
The author of this article can be reached at boberski_michael(at)bah.com
+
 
+
Good luck!
+
  
 
[[Category:OWASP Application Security Verification Standard Project]]
 
[[Category:OWASP Application Security Verification Standard Project]]
 
+
[[Category:How To]]
{{Stub}}
+
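Review bot: The added text no longer carries the quoted requirement ("V7.1: Verify that cryptographic modules used by the application have been validated against FIPS 140-2 ...") or the CMVP module validation list link (http://csrc.nist.gov/groups/STM/cmvp/validation.html), both of which appear only on the removed side next to the dropped "How to find out ..." sections. The new revision therefore says that a validated cryptomodule is needed, but not which ASVS requirement asks for it or where a verifier can look a module up. I would keep the V7.1 quote after the opening paragraph and add the validation list URL to the new References bullets alongside the CMVP and CAVP index pages. The closing sentence, "provides a greater chance that the cryptomodule is providing the services that you are expecting from it", would also read better if it tied back to the three parts listed above it, since those are what the paragraph before it says determine a module's security.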

Latest revision as of 07:24, 29 March 2009

If you are performing an application security verification according to the OWASP Application Security Verification Standard (ASVS) verification requirements, you will need to make sure that any cryptographic functions are being performed by a FIPS 140-2 validated cryptomodule.


[Figure: Cryptomodule Parts and Operation]

A cryptomodule, whether it is a software library or a hardware device, basically consists of three parts:


  • Components that implement cryptographic algorithms (symmetric and asymmetric algorithms, hash algorithms, random number generator algorithms, and message authentication code algorithms)
  • Components that call and manage cryptographic functions (inputs and outputs include cryptographic keys and so-called critical security parameters)
  • A physical container around the components that implement cryptographic algorithms and the components that call and manage cryptographic functions


The security of a cryptomodule and its services depends on the correct implementation and integration of each of these three parts. While most folks understand that implementing cryptographic algorithms correctly is a hard thing to do, most do not understand that calling and managing cryptographic functions and their inputs and outputs, and ensuring the secure construction of the physical container around the components, are equally important in determining the security of a cryptomodule and its services.


Using a FIPS 140-2 validated cryptomodule provides a greater chance that the cryptomodule is providing the services that you are expecting from it.


References: