Algorithms That Are Not Approved for FIPS 140-2 in the Cryptographic Framework

In FIPS 140-2 mode, you cannot use an algorithm from the following summarized list of algorithms even if the algorithm is implemented in the Cryptographic Framework or is a FIPS 140-2 validated algorithm for another provider.

For the definitive lists of algorithms, review the security policy references in FIPS 140-2 Level 1 Guidance Documents for Oracle Solaris Systems.

  • Two-key Triple-DES – A weak algorithm that provides only 80 bits of security.

  • Three-key Triple-DES – A weak algorithm that provides only 112 bits of security.

  • MD5 and HMAC MD5 – Message Digest Algorithm 5 can be used in FIPS 140-2 mode with TLS only.

    The MD5 algorithm, developed by Ron Rivest in 1991, produces a 128-bit hash value. MD5 is commonly used to verify data integrity. MD5 is not suitable for applications like SSL certificates or digital signatures that rely on collision resistance for digital security.

  • RC4 – Also known as ARCFOUR or ARC4, RC4 is a software stream cipher that is used in Transport Layer Security (TLS) to protect Internet traffic, and in WEP to secure wireless networks. RC4 is demonstrably vulnerable when the beginning of the output keystream is not discarded or when keys are not random.

  • AES – Modes not explicitly validated, such as XCBC-MAC and XCBC-MAC-96.

  • Blowfish – A symmetric key block cipher, designed in 1993 by Bruce Schneier, that is not proprietary.

  • Camellia – Developed in Japan, Camellia is comparable to AES and is designed to be suitable for both software and hardware implementations, from low-cost smart cards to high-speed network systems.

  • DES – Data Encryption Standard, developed by IBM, was published as a U.S. Federal Information Processing Standard (FIPS) in 1977. In today's computing environment, its 56-bit key length is weak.

  • DSA key generation – The 512-bit and 1024-bit key lengths are weak. Longer key lengths are validated for userland Cryptographic Framework only.

  • DSA signature generation – The 512-bit and 1024-bit key lengths are weak. Longer key lengths are validated for userland Cryptographic Framework only.

  • DSA signature verification – The 512-bit key length is weak. Longer key lengths are validated for userland Cryptographic Framework only.

  • RSA key wrapping – Key lengths less than 112 bits are weak. Longer key lengths are allowed for FIPS 140-2.

  • RSA signature generation – The 256-bit, 512-bit, and 1024-bit key lengths are weak. Longer key lengths are validated for FIPS 140-2.

  • RSA signature verification – The 256-bit and 512-bit key lengths are weak. Longer key lengths are validated for FIPS 140-2.

  • Diffie-Hellman – Key lengths less than 112 bits are weak. Longer key lengths are allowed for key agreement, userland Cryptographic Framework only.

  • ECDH – Key lengths less than 112 bits are weak. Longer key lengths are allowed for key agreement, userland Cryptographic Framework only.
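
The list above mixes outright exclusions with rules that depend on the operation, the key length, and whether the consumer is userland or kernel. The following added example (not Oracle code) encodes those rules and audits an inventory of algorithm uses. The algorithm labels, the inventory line format, and the reading of "weak" as "at or below the largest length the list names" are assumptions made for the example.

```python
# Rules transcribed from the list above; labels and inventory format are constructed.
BANNED = {"2TDES", "3TDES", "RC4", "BLOWFISH", "CAMELLIA", "DES",
          "AES-XCBC-MAC", "AES-XCBC-MAC-96"}
TLS_ONLY = {"MD5", "HMAC-MD5"}
# (algorithm, operation) -> (largest weak key length in bits, userland only?)
# Assumption: every length at or below the largest one the list names is weak.
WEAK_MAX = {
    ("DSA", "keygen"): (1024, True), ("DSA", "sign"): (1024, True),
    ("DSA", "verify"): (512, True), ("RSA", "wrap"): (111, False),
    ("RSA", "sign"): (1024, False), ("RSA", "verify"): (512, False),
    ("DH", "agree"): (111, True), ("ECDH", "agree"): (111, True),
}

def check(alg, op, bits=0, consumer="userland", protocol=None):
    """Return the reason a use is excluded, or None. bits=0 means unknown (weak)."""
    alg = alg.upper()
    if alg in BANNED:
        return f"{alg} is not approved in FIPS 140-2 mode"
    if alg in TLS_ONLY:
        return None if protocol == "tls" else f"{alg} is allowed with TLS only"
    rule = WEAK_MAX.get((alg, op))
    if rule is None:
        return None  # not covered by this summarized list; check the security policy
    weak_max, userland_only = rule
    if bits <= weak_max:
        return f"{alg} {op}: {bits}-bit key length is weak"
    if userland_only and consumer != "userland":
        return f"{alg} {op}: validated for userland Cryptographic Framework only"
    return None

def audit(inventory):
    """Parse 'alg op bits consumer protocol' lines; '-' marks a field as unused."""
    findings = []
    for line in inventory.strip().splitlines():
        alg, op, bits, consumer, protocol = line.split()
        reason = check(alg, op, 0 if bits == "-" else int(bits), consumer, protocol)
        if reason:
            findings.append((line, reason))
    return findings

SAMPLE = """\
RSA sign 1024 userland -
RSA verify 1024 userland -
DSA sign 2048 kernel -
MD5 digest - userland tls
MD5 digest - userland -
AES-XCBC-MAC mac 128 kernel -
"""
```

A `None` result means only that this summarized list does not exclude the use; the security policy documents remain the definitive reference.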