The Federal Information Processing Standards (FIPS) Encryption Suite Sean Smith COSC
Overview ● This presentation will give a brief look at the approved cryptographic key management methods, key generations, random number generators, hashes, and encryption algorithms for use by government agencies and government contractors and vendors. ● The purpose of this presentation is to make readers aware of the strength of protections needed to participate in government computing.
Definitions ● The Federal Information Processing Standards (FIPS) are a set of standards that describe the approved manners for document processing, encryption algorithms, and other information technology standards for use within non- military government agencies and government contractors and vendors. ● The FIPS Encryption Suite refers to the approved encryption algorithms as outlined by these standards.
FIPS Code ● The FIPS Code is a document published by National Institute of Standards and Technology which outlines the standards that a cryptographic module must meet. ● It outlines all the security functions that a cryptographic module must be able to meet to reach the required levels of security for government use as well as listing approved security functions and algorithms.
FIPS Code Section ● This section of the FIPS Code describes the necessary functions for a cryptographic module. These functions are: ● Show Status – Displays the current status of the module. ● Perform Self-Tests – Initiates and run self-tests prescribed in Section 4.9 ● Perform Approved Security Function – Perform an Approved Security Function as specified in Annex A of FIPS Code 140-2, e.g. encryption
FIPS Code Section 4.7 ● This section describes the security requirements for the cryptographic key management methods employed by the module. ● These requirements include standards addressing: ● Random Number Generators ● Key Generation ● Key Establishment ● Key Entry and Output ● Key Storage ● Key Zeroization
FIPS Code Section Random Number Generator Standards ● If a cryptographic module employs a random number generator, it must meet the following specification: ● Pass the continuous random number generator test specified in Section 4.9 ● Further, commercially available nondeterministic random number generators may be used to seed deterministic random number generators ● Random number generators are required for the generation of cryptographic keys. Unapproved random number generators may only be used as input to approved random number generators or as initialization vectors for approved security functions. ● Approved Random Number Generators are listed in Annex C of FIPS Code 140-2
Approved Random Number Generators from Annex C of FIPS Code ● Digital Signature Standard from FIPS Code with Change Notice 1 or Change Notice 2 ● Digital Signatures Using Reversible Public Key Cryptography for the Financial Services Industry (rDSA) ● Public Key Cryptography for the Financial Services Industry: The Elliptic Curve Digital Signature Algorithm (ECDSA) ● NIST Recommended Random Number Generator ● Recommendation for Random Number Generation Using Deterministic Random Bit Generators
FIPS Code Section Key Generation Standards ● If a cryptographic module generates keys internally, then it must meet these specifications: ● A key may only be generated using one of the approved key generation methods listed in Annex C of FIPS Code (included in documents provided by previous slide) ● Methods to compromise the key generation method shall require at least as many operations to determine the generated key ● If intermediate key generation values are output from the module, the values should be output either – Encrypted – Under split knowledge procedures (no one knows the full key)
FIPS Code Section Key Establishment Standards ● In a cryptographic module, key establishment may be performed in a number of ways: ● Automated methods – Such as the public key algorithm ● Manual methods – Manually transporting a key-loading device (e.g. CD) ● A combination of the two previous methods ● All key establishment methods must be on the approved list provided in Annex D of the FIPS Code ● Compromising the key establishment method must take at least as many operations as determining the key being agreed upon or transported. ● If a key transport method is used, the key must meet the key entry/output specifications found in Section of FIPS Code 140-2
Approved Key Establishment Methods from Annex D of FIPS Code ● Key Agreement ● Method of key establishment where key is generated from information provided by separate parties ● Key Transport ● Method of key establishment where key is generated by one party and securely transported to any other parties ● Key Generation ● Keys generated within a particular cryptographic module ● Key Entry ● Key is either entered manually or electronically ● Key Derivation ● Key is derived from certain parameters using an approved key derivation technique These methods are discussed in more detail in the Implementation Guidance for FIPS Code
FIPS Code Section Key Entry and Output ● If keys are entered or output by the cryptographic module, the entry or output of keys must be input manually or via electronic means (smart cards/tokens, PC cards, etc.). ● Any seed keys entered during key generation must also be put in using these methods. ● All secret and private keys may only be output in encrypted form during an approved mode of operation. ● Public keys may be output in plain text form ● Any entered key must be associated with the correct entity, e.g. person, group, or process ● Manually entered keys should be verified for accuracy using the manual key entry test from Section 4.9. ● During entry, the entered values may be displayed temporarily to improve accuracy. ● If encrypted components are manually entered into the module, the plain text values should not be displayed.
FIPS Code Section Key Entry and Output (Contd) ● Security Levels 1 and 2 ● Secret and private keys input into the module using automated methods must be input in encrypted form ● Secret and private keys input into the module using manual methods may be input using plain text form ● Security Levels 3 and 4 ● Secret and private keys input into the module using automated methods must be input in encrypted form ● Secret and private keys input into the module using manual methods must be input in encrypted form or using split knowledge procedures. ● If using split knowledge procedures, – Each operator must be authenticated seperately – Keys must be input directly into the module without traveling through any other intervening systems where keys may be stored, combined or processed – A minimum of two key components is required – Proof that knowledge of n key components is required to reconstruct the key and that knowledge of n-1 key components provides no usable information other than key length
FIPS Code Section Key Storage Standards ● Keys may be stored within the module in either plain text or encrypted forms provided: ● Plain text secret and private keys are inaccessible to unauthorized operators ● Keys are associated to the correct entity to which the key is assigned
FIPS Code Section Key Zeroization Standards ● A cryptographic module shall provide methods to zeroize all plain text secret and private keys as well as any critical security parameters ● Zeroization of encrypted elements is not required.
FIPS Code Section 4.9 ● This section describes the tests that a cryptographic module shall perform or have available for use. ● An cryptographic module is required to have: ● Power-up self tests – Tests that run when the module powers on ● Cryptographic algorithm tests ● Integrity testing ● Critical functions test ● Conditional self tests – Tests that are required to run when an applicable security function is invoked ● Pairwise consistency test ● Firmware load test ● Manual key entry test ● Continuous random number generator test ● Bypass test ● If a self test fails, the cryptographic module should enter an error state and output an error indicator while also inhibiting any data output from the module.
Approved Security Functions from Annex A of FIPS Code ● This section describes the available security functions that the FIPS Code approves for use. ● Symmetric Key Encryptions – Advanced Encryption Standard (AES) – Triple-DES Encryption Algorithm (TDEA) – Escrowed Encryption Standard (EES) ● Asymmetric Key Encryptions – Digital Signature Standards (DSS) – Elliptic Curve Digital Signature Algorithm (ECDSA) – RSA
Approved Security Functions (Contd) from Annex A of FIPS Code ● Secure Hash Standards (SHS) – SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA-512/224, SHA-512/256 ● Random Number Generators – Discussed previously in Annex C ● Message Authentication – Triple DES – AES – SHS ● Each of these Standards has a relevant section in the FIPS Code.
Conclusion ● This presentation has gone over the overarching software requirements for an appropriate cryptographic module suited for government use as prescribed by FIPS Code ● It has touched upon the approved methods for generating and managing keys as well as approved encryption schemes allowed for by the FIPS Code.
Questions?
References Easter, Randall J., and Carolyn French. "Annex A: Approved Security Functions for FIPS PUB , Security Requirements for Cryptographic Modules." NIST Computer Security Publications - FIPS (Federal Information Processing Standards). NIST, 30 May Web. Nov.- Dec Easter, Randall J., and Carolyn French. "Annex C: Approved Random Number Generators for FIPS PUB , Security Requirements for Cryptographic Modules." NIST Computer Security Publications - FIPS (Federal Information Processing Standards). NIST, 16 Feb Web. Nov.-Dec Easter, Randall J., and Carolyn French. "Annex D: Approved Key Establishment Techniques for FIPS PUB , Security Requirements for Cryptographic Modules." NIST Computer Security Publications - FIPS (Federal Information Processing Standards). NIST, 2 Jan Web. Nov.- Dec "FIPS (DSS), Digital Signature Standard." Information Technology Laboratory Homepage. N.p., n.d. Web. Nov.-Dec Rouse, Margaret. "FIPS (Federal Information Processing Standards)." What Is FIPS? N.p., Mar Web. 17 Nov US. National Institute of Standards and Technology. Information Technology Laboratory. FIPS NIST, n.d. Web. Nov.-Dec