This page describes the algorithms supported by Fortanix-Data-Security-Manager (DSM).
For more information on Fortanix DSM cryptographic policies, refer to User's Guide: Cryptographic Policy.
Crypto | Primitive Type | Algorithm | Mode/Method | Key Size/Curve | Import/export key format (Private/Public) | Use |
---|---|---|---|---|---|---|
Symmetric | Block cipher | AES | ECB, CBC, CBC (no padding), CFB, CTR, GCM, CCM, OFB, KW, KWP, CMAC, FF1 | 128, 192, or 256 bits | Raw | Data Encryption/Decryption, Key Wrapping/Unwrapping, MAC, Key Generation, Key Derivation, and Tokenization |
DES | ECB, CBC, CBC (no padding) | 56 bits | Data Encryption/Decryption, Key Wrapping/Unwrapping, MAC, Key Generation, and Key Derivation | |||
3DES | 112, 168 bits | |||||
ARIA | ECB, CBC, CBC (no padding), CFB, CTR, GCM, CCM | 128, 192, 256 bits | Data Encryption/Decryption, Key Wrapping/Unwrapping, and Key Derivation | |||
SEED | ECB, CTR, CBC, CBC (no padding) | 128 bits | ||||
Cryptographic hash functions | SHA-1 | SHA-1 | HMAC key length: between 112 and 8192 bits | (HMAC) raw | Message Digest, MAC, Key Generation | |
SHA-2 | SHA-224, SHA-256, SHA-384, SHA-512 | |||||
RIPEMD | RIPEMD-160 | |||||
SHA-3 | SHA3-224, SHA3-256, SHA3-384, SHA3-512 |
|
| Message Digest and Key Generation | ||
Asymmetric | Finite field | KCDSA | standard | Between 512 and 2048 bits7 | PKCS#8 DER/SubjectPublicKeyInfo DER | Digital Signature sign/verify and Key Generation |
DSA | standard1, deterministic signatures (RFC 6979)2 | Between 1024 and 8192 bits3 | PKCS#8 DER/ SubjectPublicKeyInfo DER (RFC5208/RFC5280) | |||
Elliptic Curve | ECDSA | NIST P-192, NIST P-224, NIST P-256, NIST P-384, NIST P-521, SecP192K1, SecP224K1, SecP256K1 | PKCS#8 DER/ SubjectPublicKeyInfo DER (RFC5480/RFC5915) | |||
EC-KCDSA | standard | NIST P-192, NIST P-224, NIST P-256, NIST P-384, NIST P-521, SecP192K1, SecP224K1, SecP256K1 | PKCS#8 DER/ SubjectPublicKeyInfo DER | |||
EdDSA | standard4, prehash4 | Ed25519 | PKCS#8 DER/ SubjectPublicKeyInfo DER (RFC8410) | |||
ECDH |
| NIST P-192, NIST P-224, NIST P-256, NIST P-384, NIST P-521, SecP192K1, SecP224K1, SecP256K1, X.25519, X.448 | PKCS#8 DER/ SubjectPublicKeyInfo DER (RFC5480/RFC5915/RFC8410) | Key Exchange and Key Generation | ||
BIP32 | Mainnet, Testnet | SecP256K1 | BIP32 Serialization format | Key Generation (HMAC), BIP32 child derivation, Signature/verification of cryptocurrency transactions | ||
BLS | Small signatures variant, small public keys variant | BLS12-381 | Public key: Uncompressed public point (SEC1 or appendix C of draft-irtf-cfrg-pairing-friendly-curves-10). Private key: 32 private key bytes concatenated with the uncompressed public point. | Digital Signature sign/verify and Key Generation | ||
RSA | RSA | PKCS#1 v1.55, OAEP6, PSS6 | Between 1024 and 8192 bits | PKCS#8 DER/ SubjectPublicKeyInfo DER (RFC5208/RFC5280) | Data Encryption/Decryption, Digital Signature sign/verify, Key Wrapping/Unwrapping, and Key Generation | |
Asymmetric - Post-Quantum | Hash-based | LMS | HSS with L = 1 or L = 2 | LMOTS_SHA256_N{24, 32}_W8 LMS_SHA256_M{24, 32}_H{5, 10, 15, 20} (NIST.SP.800-208) | Custom | Digital Signature sign/verify, and Key Generation |
XMSS | Single tree | XMSS-SHA2_{10,16}_{192,256} (NIST.SP.800-208) | Custom | Digital Signature sign/verify, and Key Generation | ||
Module lattices | ML-KEM | FIPS 2038 | ML-KEM-512, ML-KEM-768, ML-KEM-1024 | FIPS 203 format | Key Encapsulation/Decapsulation, and Key Generation | |
ML-DSA | FIPS 2048 | ML-DSA-44, ML-DSA-65, ML-DSA-87 | FIPS 204 format | Digital signature sign/verify, and app manageable |
1 With hash algorithms: SHA-1, RIPEMD-160, SHA-224, SHA-256, SHA-384, SHA-512, SHA3-224, SHA3-256, SHA3-384, SHA3-512, Blake2b* (256, 384, 512), Blake2s-256*
2 With hash algorithms: SHA-1, RIPEMD-160, SHA-224, SHA-256, SHA-384, SHA-512
3 Imported keys can use any parameters. The key generation will use the following specific parameters:
2048/224 and 2048/256: [RFC 5114]
3072/256: [NIST example parameters]
4 With hash algorithms: SHA-512
5 With hash algorithms (sign/verify): SHA-1, RIPEMD-160, SHA-224, SHA-256, SHA-384, SHA-512, SSL3*
6 Supported mask generation functions: MGF1 with SHA-1, RIPEMD-160, SHA-224, SHA-256, SHA-384, SHA-512. The MGF hash function must be the same as the data hash function.
7 Imported keys can use any parameters. The key generation will use the following specific parameters:
2048/224/SHA224 and 2048/256/SHA256: [KISA]
8 FIPS 203 draft consulted 2023-08-24.
FIPS 204 draft consulted 2024-05-01.
* Hash algorithms not listed as a supported “Cryptographic hash function” on this page can only be used in signature generation/verification with prehashed data.