Algorithm Support - Strict FIPS Mode

This page describes the algorithms supported by Fortanix Data Security Manager (DSM) in strict FIPS 140-2 Level 3 mode.

For more information on Fortanix DSM cryptographic policies, refer to User's Guide: Cryptographic Policy.

Crypto Primitive Type Algorithm Mode/Method Key Size/Curve Import/export key format (Private/Public) Use
Symmetric Block cipher AES ECB, CBC, CBC (no padding), CFB, CTR, GCM, CCM, OFB, KW, KWP, FF1, CMAC 128, 192, or 256 bits raw Data Encryption/Decryption, Key, Wrapping/Unwrapping, MAC, Key Generation, Key Derivation, and Tokenization
Cryptographic hash functions

SHA-2 SHA-224, SHA-256, SHA-384, SHA-512 HMAC key length: between 112 and 8192 bits (HMAC) raw Message Digest, MAC, Key Generation
SHA-3 SHA3-224, SHA3-256, SHA3-384, SHA3-512     Message Digest and Key Generation
Asymmetric Elliptic Curve ECDSA standard¹ NIST P-224, NIST P-256, NIST P-384, NIST P-521 PKCS#8 DER/SubjectPublicKeyInfo DER (RFC5480/RFC5915) Digital Signature sign/verify and Key Generation
RSA RSA PKCS#1 v1.5, OAEP, PSS Between 2048 and 8192 bits PKCS#8 DER/SubjectPublicKeyInfo DER (RFC5208/RFC5280)

 

¹ - With hash algorithms: SHA-1, RIPEMD-160, SHA-224, SHA-256, SHA-384, SHA-512, SHA3-224, SHA3-256, SHA3-384, SHA3-512, Blake2b* (256, 384, 512), Blake2s-256*

 - With hash algorithms (sign/verify): SHA-1, RIPEMD-160, SHA-224, SHA-256, SHA-384, SHA-512, SSL3*

 - Supported mask generation functions: MGF1 with SHA-1, RIPEMD-160, SHA-224, SHA-256, SHA-384, SHA-512. The MGF hash function must be the same as the data hash function..

* - Hash algorithms not listed as a supported “Cryptographic hash function” on this page can only be used in signature generation/verification with prehashed data.

Additional restrictions in FIPS mode are as follows:

Item

Restrictions

AES

  • In authenticated modes, that is, GCM, CCM, KW, KWP, only system-generated initialization vectors are permitted.
  • FF1: Complex alphabet options not supported.

ECDSA

  • Curve P192 keys can only be imported for Verify operations.
  • Deterministic Signature is not permitted.

RSA

  • 1024-bit keys can only be imported for Verify operations.
  • The same key cannot be used for Sign Generation / Verification and Encryption / Decryption operations.
  • Only Exponent 65537 is allowed.
  • Hash algorithms used in Sign/Verify: SHA-256, SHA-384, SHA-512.

Sign and Verify Operations

  • Hashing algorithm size should be less than 2x the key strength being used for Signature generation.
  • Only system-generated hash of the Sign payload is permitted.

HMAC

  • HMAC key size must be at least half the HMAC algorithm size

 

 

Comments

Please sign in to leave a comment.

Was this article helpful?
0 out of 0 found this helpful