---
title: "Algorithm Support - Strict FIPS Mode"
slug: "algorithm-support-strict-fips-mode"
updated: 2024-06-21T10:58:36Z
published: 2024-06-21T10:58:36Z
---

# Algorithm Support - Strict FIPS Mode

This page describes the algorithms supported by Fortanix Data Security Manager (DSM) in strict FIPS 140-2 Level 3 mode.

For more information on Fortanix DSM cryptographic policies, refer to [User's Guide: Cryptographic Policy](/v1/docs/users-guide-account-cryptographic-policy).

| **Crypto** | **Primitive Type** | **Algorithm** | **Mode/Method** | **Key Size/Curve** | **Import/export key format (Private/Public)** | **Use** |
| --- | --- | --- | --- | --- | --- | --- |
| Symmetric | Block cipher | AES | ECB, CBC, CBC (no padding), CFB, CTR, GCM, CCM, OFB, KW, KWP, FF1, CMAC | 128, 192, or 256 bits | raw | Data Encryption/Decryption, Key Wrapping/Unwrapping, MAC, Key Generation, Key Derivation, and Tokenization |
|  | Cryptographic hash functions | SHA-2 | SHA-224, SHA-256, SHA-384, SHA-512 | HMAC key length: between 112 and 8192 bits | (HMAC) raw | Message Digest, MAC, Key Generation |
|  |  | SHA-3 | SHA3-224, SHA3-256, SHA3-384, SHA3-512 |  |  | Message Digest and Key Generation |
| Asymmetric | Elliptic Curve | ECDSA | standard**¹** | NIST P-224, NIST P-256, NIST P-384, NIST P-521 | PKCS#8 DER/SubjectPublicKeyInfo DER (RFC5480/RFC5915) | Digital Signature sign/verify and Key Generation |
|  | RSA | RSA | PKCS#1 v1.5**⁵**, OAEP**⁶**, PSS**⁶** | Between 2048 and 8192 bits | PKCS#8 DER/SubjectPublicKeyInfo DER (RFC5208/RFC5280) |  |

**¹ -** With hash algorithms: SHA-1, RIPEMD-160, SHA-224, SHA-256, SHA-384, SHA-512, SHA3-224, SHA3-256, SHA3-384, SHA3-512, Blake2b**\*** (256, 384, 512), Blake2s-256**\***

**⁵ -** With hash algorithms (sign/verify): SHA-1, RIPEMD-160, SHA-224, SHA-256, SHA-384, SHA-512, SSL3**\***

**⁶ -** Supported mask generation functions: MGF1 with SHA-1, RIPEMD-160, SHA-224, SHA-256, SHA-384, SHA-512. The MGF hash function must be the same as the data hash function.

**\* -** Hash algorithms not listed as a supported “Cryptographic hash function” on this page can only be used in signature generation/verification with prehashed data.

Additional restrictions in FIPS mode are as follows:

| **Item** | **Restrictions** |
| --- | --- |
| **AES** | - In authenticated modes, that is, GCM, CCM, KW, KWP, only system-generated initialization vectors are permitted.<br>- FF1: Complex alphabet options not supported. |
| **ECDSA** | - Curve P192 keys can only be imported for Verify operations.<br>- Deterministic Signature is not permitted. |
| **RSA** | - 1024-bit keys can only be imported for Verify operations.<br>- The same key cannot be used for Sign Generation / Verification and Encryption / Decryption operations.<br>- Only Exponent 65537 is allowed.<br>- Hash algorithms used in Sign/Verify: SHA-256, SHA-384, SHA-512. |
| **Sign and Verify Operations** | - Hashing algorithm size should be less than 2x the key strength being used for Signature generation.<br>- Only system-generated hash of the Sign payload is permitted. |
| **HMAC** | - HMAC key size must be at least half the HMAC algorithm size. |
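
The restrictions above can be encoded as a client-side pre-flight check, so a request that strict FIPS mode would refuse is caught before it is sent. This is an added example, not Fortanix code: the request field names (`alg`, `op`, `caller_iv`, `key_ops`, and so on) and the short curve labels are hypothetical, it does not call the DSM API, and it leaves out the "Sign and Verify Operations" rules.

```python
# Added example: pre-flight check of a key/operation request against the
# strict-FIPS restrictions on this page. Field names ("alg", "op", "caller_iv",
# "key_ops", ...) are hypothetical and are not Fortanix DSM API names.
AES_KEY_BITS = {128, 192, 256}
SYSTEM_IV_MODES = {"GCM", "CCM", "KW", "KWP"}
EC_CURVES = {"P-224", "P-256", "P-384", "P-521"}
RSA_SIGN_HASHES = {"SHA-256", "SHA-384", "SHA-512"}
HMAC_HASH_BITS = {"SHA-224": 224, "SHA-256": 256, "SHA-384": 384, "SHA-512": 512}


def check_request(req):
    """Return a list of violations; an empty list means no rule was broken."""
    alg, op, bits = req["alg"], req.get("op"), req.get("bits", 0)
    errs = []
    if alg == "AES":
        if bits not in AES_KEY_BITS:
            errs.append("AES key size must be 128, 192, or 256 bits")
        if req.get("mode") in SYSTEM_IV_MODES and req.get("caller_iv"):
            errs.append("GCM/CCM/KW/KWP require a system-generated IV")
    elif alg == "RSA":
        if bits == 1024:
            if op != "verify":
                errs.append("1024-bit RSA keys are Verify-only")
        elif not 2048 <= bits <= 8192:
            errs.append("RSA key size must be between 2048 and 8192 bits")
        if req.get("exponent") != 65537:
            errs.append("RSA public exponent must be 65537")
        if op in ("sign", "verify") and req.get("hash") not in RSA_SIGN_HASHES:
            errs.append("RSA Sign/Verify hash must be SHA-256, SHA-384, or SHA-512")
        ops = set(req.get("key_ops", ()))
        if ops & {"sign", "verify"} and ops & {"encrypt", "decrypt"}:
            errs.append("one RSA key cannot both sign/verify and encrypt/decrypt")
    elif alg == "ECDSA":
        if req.get("curve") == "P-192":
            if op != "verify":
                errs.append("P-192 keys are Verify-only")
        elif req.get("curve") not in EC_CURVES:
            errs.append("curve must be NIST P-224, P-256, P-384, or P-521")
        if req.get("deterministic"):
            errs.append("deterministic ECDSA signatures are not permitted")
    elif alg == "HMAC":
        hash_bits = HMAC_HASH_BITS.get(req.get("hash"))  # page lists MAC use for SHA-2 only
        if hash_bits is None:
            errs.append("HMAC hash must be a listed SHA-2 function")
        elif not max(112, hash_bits // 2) <= bits <= 8192:
            errs.append("HMAC key too short or too long for this hash")
    else:
        errs.append(f"no rules encoded for algorithm {alg!r}")
    return errs
```

Running the check in CI against key-provisioning templates surfaces a non-compliant parameter set as a readable message rather than as a rejected request at deployment time.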

Fortanix Data Security Manager (DSM) is the world’s first cloud service secured with Intel® SGX. With Fortanix DSM, you can securely generate, store, and use cryptographic keys and certificates, as well as other secrets such as passwords, API keys, tokens, or any blob of data. Your business-critical applications and containers can integrate with Fortanix DSM using legacy cryptographic interfaces (PKCS#11, CNG, and JCE) or using the native Fortanix DSM RESTful interface.

## Related

- [Algorithm Support](/algorithm-support.md)
- [PKCS#11 Supported Functions and Mechanisms](/pkcs11-supported-functions-and-mechanisms.md)
- [Custom Role](/users-guide-custom-role.md)
- [Security Objects Tokenization](/users-guide-tokenization.md)
