Using a FIPS 140 Enabled System in Oracle® Solaris 11.2
Updated: August 2014
Algorithms That Are Not Approved for FIPS 140 in the Cryptographic Framework

In FIPS 140 mode, the Cryptographic Framework does not make the algorithms in the following summary list available, even when the algorithm is implemented in the framework or has been FIPS 140 validated as part of another vendor's module. Applications that request one of them fail at mechanism lookup rather than silently falling back to a non-validated implementation.

    This list is a summary. For the definitive lists of approved and non-approved algorithms, consult the security policy documents referenced in FIPS 140-2 Level 1 Certificate References for Oracle Solaris Systems.

  • Two-key Triple-DES – A weak algorithm: its 112-bit key provides only about 80 bits of security against known-plaintext meet-in-the-middle attacks. Use three-key Triple-DES or AES instead.

  • SHA512/224 – A 224-bit variant of SHA-512 in which the initial hash values are generated by the method described in the ITL Bulletin for May 2012 and the final digest is truncated. Because the initial values differ, its output is not the same as the first 224 bits of a SHA-512 digest.

  • SHA512/256 – A 256-bit variant of SHA-512, constructed in the same way: distinct initial values generated by the method described in the ITL Bulletin for May 2012, then truncation of the final digest.

  • MD4 – Message Digest Algorithm 4, developed by Ronald Rivest in 1990, is demonstrably broken: practical collision attacks against it have been known since the 1990s.

  • MD5 – Message Digest Algorithm 5 is permitted in FIPS 140 mode only within TLS, where the TLS 1.0 and 1.1 pseudorandom function combines MD5 with SHA-1.

    The MD5 algorithm, developed by Ron Rivest in 1991, produces a 128-bit hash value. MD5 is still widely used as a checksum to detect accidental corruption, but practical collision attacks exist, so it is not suitable for applications such as SSL certificates or digital signatures that rely on collision resistance for their security.

  • RC4 – Also known as ARCFOUR or ARC4, a software stream cipher that has been used in Transport Layer Security (TLS) to protect Internet traffic and in WEP to secure wireless networks. RC4 is demonstrably vulnerable: the WEP attacks exploit related keys, and the keystream carries statistical biases, strongest in its first bytes, that permit plaintext recovery. Discarding the start of the keystream and using random keys reduces but does not remove these weaknesses.

  • DES – Data Encryption Standard, developed by IBM and published as a U.S. Federal Information Processing Standard (FIPS 46) in 1977. Its 56-bit key length is weak in today's computing environment: exhaustive key search has been demonstrated in practice with special-purpose hardware.

  • Blowfish – A symmetric key block cipher with a 64-bit block size, designed in 1993 by Bruce Schneier and unpatented. It is not a NIST-approved algorithm, so it is unavailable in FIPS 140 mode at any key length.

  • AES XCBC-MAC – A Message Authentication Code (MAC) construction for IPsec (RFC 3566) designed to authenticate packets of varying length, such as typical IP packets. It is not an approved MAC; AES-CMAC and HMAC with an approved hash are the validated alternatives.

  • DSA key generation – The 512-bit and 1024-bit key lengths are weak and not available. Longer key lengths (2048-bit and above) are validated for FIPS 140.

  • DSA signature generation – The 512-bit and 1024-bit key lengths are weak and not available. Longer key lengths (2048-bit and above) are validated for FIPS 140.

  • DSA signature verification – The 512-bit key length is weak and not available. Longer key lengths are validated for FIPS 140, so signatures made with existing 1024-bit keys can still be verified even though new ones cannot be generated.

  • RSA signature generation – The 256-bit, 512-bit, and 1024-bit key lengths are weak and not available. Longer key lengths (2048-bit and above) are validated for FIPS 140.

  • RSA signature verification – The 256-bit and 512-bit key lengths are weak and not available. Longer key lengths are validated for FIPS 140, so 1024-bit RSA signatures can still be verified even though they cannot be generated.

  • Diffie-Hellman – The 64-bit, 128-bit, 256-bit, 512-bit, and 1024-bit modulus lengths are weak and not available. Longer modulus lengths (2048-bit and above) are validated for FIPS 140.

  • Elliptic Curve Diffie-Hellman – Curves of 112 to 223 bits are weak and not available. Longer curve sizes (224-bit and above) are validated for FIPS 140, but deprecated.
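The key-length rules above differ by operation: a 1024-bit RSA or DSA key can still verify signatures in FIPS 140 mode but cannot produce them, and the floors for new signatures, DH and ECDH are higher still. The following script, an added example and not Oracle code, encodes the whole list as a deploy-time pre-check so an application can reject a weak configuration before it ever calls into the Cryptographic Framework. The minimum size for each asymmetric operation is the smallest size the list does not call weak; the algorithm name spellings and the sample configuration are assumptions constructed for the example, and anything the list does not cover is reported as unknown rather than allowed, so the check fails closed.

```python
"""Deploy-time pre-check of algorithm and key-size choices against the
Solaris 11.2 FIPS 140 mode exclusion list.

Added example (not Oracle code). Rules are transcribed from the list above;
the minimum approved size for each asymmetric operation is the smallest size
the list does not call weak. The Cryptographic Framework is the authority at
run time; this only catches bad configuration before deployment.
"""
from dataclasses import dataclass
from typing import Optional

# Algorithms the list excludes outright. Spellings are assumptions, chosen to
# resemble Solaris encrypt(1)/digest(1)/mac(1) mechanism names.
DISALLOWED = {
    "des", "3des-2key", "blowfish", "rc4", "arcfour",
    "md4", "sha512/224", "sha512/256", "aes-xcbc-mac",
}

# MD5 is conditional: permitted only inside TLS.
TLS_ONLY = {"md5"}

# Minimum approved size in bits, keyed by (algorithm, operation).
# Verification floors are lower than generation floors: the list lets
# 1024-bit RSA and DSA verification continue while forbidding new signatures.
MIN_BITS = {
    ("dsa", "keygen"): 2048,
    ("dsa", "sign"): 2048,
    ("dsa", "verify"): 1024,
    ("rsa", "sign"): 2048,
    ("rsa", "verify"): 1024,
    ("dh", "agree"): 2048,
    ("ecdh", "agree"): 224,
}


@dataclass(frozen=True)
class Verdict:
    status: str   # "allowed", "denied" or "unknown"
    reason: str


def check(algorithm: str, operation: Optional[str] = None,
          bits: Optional[int] = None, context: Optional[str] = None) -> Verdict:
    """Evaluate one (algorithm, operation, key size, usage context) choice.

    Anything the list does not cover comes back "unknown" rather than
    "allowed", so the caller fails closed until the security policy confirms it.
    """
    name = algorithm.lower()
    if name in DISALLOWED:
        return Verdict("denied", f"{algorithm} is not available in FIPS 140 mode")
    if name in TLS_ONLY:
        if context == "tls":
            return Verdict("allowed", f"{algorithm} is permitted only within TLS")
        return Verdict("denied", f"{algorithm} is permitted in FIPS 140 mode only for TLS")
    key = (name, operation)
    if key in MIN_BITS:
        minimum = MIN_BITS[key]
        if bits is None:
            return Verdict("unknown", f"{algorithm} {operation}: key size not given")
        if bits < minimum:
            return Verdict("denied",
                           f"{bits}-bit {algorithm} {operation} is below the {minimum}-bit minimum")
        return Verdict("allowed",
                       f"{bits}-bit {algorithm} {operation} meets the {minimum}-bit minimum")
    return Verdict("unknown",
                   f"{algorithm} is not on the exclusion list; confirm it against the security policy")


def audit(choices):
    """Return every choice that is not clearly allowed, as (choice, verdict) pairs.

    Each choice is a tuple (algorithm, operation, bits, context); an empty
    result means the configuration passed the pre-check.
    """
    findings = []
    for choice in choices:
        verdict = check(*choice)
        if verdict.status != "allowed":
            findings.append((choice, verdict))
    return findings


if __name__ == "__main__":
    # Constructed sample configuration for an application about to run in FIPS mode.
    sample = [
        ("rsa", "sign", 1024, None),      # denied: below 2048
        ("rsa", "verify", 1024, None),    # allowed: legacy verification
        ("ecdh", "agree", 192, None),     # denied: below 224
        ("md5", None, None, "tls"),       # allowed: TLS only
        ("rc4", None, None, "tls"),       # denied outright, even for TLS
        ("aes", "encrypt", 128, None),    # unknown: not on the list
    ]
    for choice, verdict in audit(sample):
        print(f"{verdict.status:8s} {choice}: {verdict.reason}")
```

Run it as a pre-flight step in deployment tooling and treat any finding, including "unknown", as a blocker until it has been checked against the validated module's security policy; the script deliberately does not whitelist algorithms the list is silent about.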