MozillaWiki

FIPS Validation: Difference between revisions

Page Discussion

FIPS Validation (view source)

Revision as of 06:20, 22 August 2005

5,255 bytes removed ,  22 August 2005
m
Reverted edit of Georgebush, changed back to last version by Wtchang
No edit summary
m (Reverted edit of Georgebush, changed back to last version by Wtchang)
Line 1: Line 1:
Calculus
== NSS FIPS 140-2 validation ==
Topics in calculus
Fundamental theorem | Function | Limits of functions | Continuity | Calculus with polynomials | Mean value theorem | Vector calculus | Tensor calculus
Differentiation
Product rule | Quotient rule | Chain rule | Implicit differentiation | Taylor's theorem | Related rates
Integration
Integration by substitution | Integration by parts | Integration by trigonometric substitution | Solids of revolution | Integration by disks | Integration by cylindrical shells | Improper integrals | Lists of integrals
For other uses of the term calculus see calculus (disambiguation)
Calculus is a central branch of mathematics, developed from algebra and geometry, and built on two major complementary ideas.


One concept is differential calculus. It studies rates of change, which are usually illustrated by the slope of a line. Differential calculus is based on the problem of finding the instantaneous rate of change of one quantity relative to another. Examples of typical differential calculus problems are finding the following quantities:
Target Release: NSS 3.11


The acceleration and speed of a free-falling body at a particular moment.
=== Platforms ===
The loss in speed and trajectory of a fired projectile, such as an artillery shell or bullet.
Change in profitability over time of a growing business at a particular point in time.
The other key concept is integral calculus. It studies the accumulation of quantities, such as areas under a curve, linear distance traveled, or volume displaced. Examples of integral calculus problems include finding the following quantities:


The amount of water pumped by a pump with a set power input but varying conditions of pumping losses and pressure.  
* Level 1
The amount of money accumulated by a business under varying business conditions.  
** RHEL 4 x86
The amount of parking lot plowed by a snowplow of given power with varying rates of snowfall.  
** Windows XP Service Pack 2
The two concepts, differentiation and integration, define inverse operations in a sense made precise by the fundamental theorem of calculus. In teaching calculus, either concept may be given priority. The usual educational approach is to introduce differential calculus first.
** 64-bit Solaris 10 AMD64
** HP-UX B.11.11 PA-RISC
** Mac OS X 10.4
* Level 2
** RHEL 3 or RHEL 4 x86 (see Note).
** 64-bit Trusted Solaris 8 SPARC


Contents [hide]
Note: Level 2 testing must be performed on an operating system that has received Common Criteria certification at level EAL2 or higher. Qualified operating systems today include RHEL 3 (EAL3), Trusted Solaris 8, and Windows 2000 (EAL4). If RHEL 4 achieves Common Criteria certification (at level EAL4) in time, we will perform level 2 testing on RHEL 4; otherwise we will do level 2 testing on RHEL 3.
1 History
2 Differential calculus
3 Integral calculus
4 Foundations
5 Fundamental theorem of calculus
6 Applications
7 See also
8 Further reading
9 External links


=== Schedule ===


[edit]
{| border="1" cellpadding="2"
History
|-
Main article: History of calculus
! Milestone !! Item !! Deps !! Time !! Who !! Completed
|-
! M1 !! Initial Setup !! !! !! !!
|-
! 1a !! Choose validation Lab, approve costs, and sign NDA !! all !!  !! all !! [http://www.bkpsecurity.com/ BKP Security ]  
|-
! 1b !! [http://csrc.nist.gov/publications/nistpubs/800-29/sp800-29.pdf Review FIPs 140-2 and compare to FIPS 140-1] !! all !! !! !! X
|-
! 1c !! BKP Training course June 21st and June 22nd !!  !! !! glen,jullien,Darren,Wan-Teh,Bob !! X
|-
! 1d !! Define Algorithms, Key Sizes and modes !! !! !! !! X
|-
! M2 !! Complete NSS 3.11 FIPS dependant bugs  !! !! !! !! X
|-
! M3  !! Update documentation (numbers in parentheses refer to sections in FIPS documentation) !! !! !! !! 
|-
! 3a. !! (1.0) Security policy, new algorithms !! 1d !! 2 wks !! all !! ongoing
|-
! 3b. !! Generate annotated source tree (LXR -> HTML) !! M2 !! !! glen !! ongoing
|-
! 3c. !! (2.0) Finite State Machine !! 3b !! 3 wks !! !!
|-
! 3d. !! (3.0/4.0) Cryptographic Module Definition !! 3b !!  2 wks !! !!
|-
! 3e. !! (6.0) Software Security (rules-to-code map) !! 3b !! 2 wks !! !!
|-
! 3f. !! (8.0) Key Management Generate 20K random #'s !! !! 1 day !! !!
|-
! 3g. !! (9.0) Cryptographic Algs !! 3a !! 3 days !! !!
|-
! 3h. !! (10.0) Operational Test Plan !! !! 1 day !! !! 
|-
! 3i. !! Document architectural changes between 3.2 and 3.11 !!  !! 5 days !! !!
|-
! M4 !! Send docs to testing lab  !! !! !! !!
|-
! 4a. !! Security Policy !! !! all !! ongoing !!
|-
! 4b. !! Finite State Machine !! 3c !! !! !! 
|-
! 4c. !! Module Def. / rules-to-code !! 3d,3e !! !! !!
|-
! M5  !! Operational validation !! !! !! !!
|-
! 5a. !! Algorithm testing !! !! 1 month !! !!
|-
! 5b. !! Operational testing !! 3h !! 1 week !! !!
|-
! 5c !! set up machines for Lab to run operational tests on, provide Lab tech with access to machines (last time we both sent a box to the lab and set up a temporary account in the intranet for them)  !! !! !! !!
|-
! M6 !! Internal QA of docs !! M2-M5 !! 1 week !! all !!
|-
! M7 !! Communication between NSS team / Lab / NIST about status of validation / algorithm certificates !! M1-5 !! 3-6 mos !! all !!
|}


Though the origins of integral calculus are generally regarded as going no farther back than to the ancient Greeks, there is evidence that the ancient Egyptians may have harbored such knowledge as well. (See Moscow Mathematical Papyrus.) Eudoxus is generally credited with the method of exhaustion, which made it possible to compute the area and volume of regions and solids. Archimedes developed this method further, while also inventing heuristic methods which resemble modern day concepts. An Indian Mathematician, Bhaskara (1114-1185), gave an example of what is now called the "differential coefficient" and the basic idea of what is now known as "Rolle's theorem". The 14th century Indian mathematician Madhava along with other mathematicians of the Kerala school made major inroads into Calculus that were not repeated anywhere in the world until the 17th century by Newton and Leibniz. Leibniz and Newton are usually designated the inventors of calculus, mainly for their separate discoveries of the fundamental theorem of calculus and work on notation.
=== Algorithms ===


There has been considerable debate about whether Newton or Leibniz was first to come up with the important concepts of calculus. The truth of the matter will likely never be known. Leibniz' greatest contribution to calculus was his notation; he often spent days trying to come up with the appropriate symbol to represent a mathematical idea. This controversy between Leibniz and Newton was unfortunate in that it divided English-speaking mathematicians from those in Europe for many years, setting back British analysis (i.e. calculus-based mathematics) for a very long time. Newton's terminology and notation was clearly less flexible than that of Leibniz, yet it was retained in British usage until the early 19th century, when the work of the Analytical Society successfully saw the introduction of Leibniz's notation in Great Britain. It is now thought that Newton had discovered several ideas related to calculus earlier than Leibniz had; however, Leibniz was the first to publish. Today, both Leibniz and Newton are considered to have discovered calculus independently.
Plan is to validate all FIPS-approved algorithms that NSS implements and NIST has tests for. There are eight such algorithms:
{| border="1" cellpadding="2"
|+
|-
!Algorithms !! Key Size !! Modes !! Testing Completed


Lesser credit for the development of calculus is given to Barrow, Descartes, de Fermat, Huygens, and Wallis. A Japanese mathematician, Kowa Seki, lived at the same time as Leibniz and Newton and also elaborated some of the fundamental principles of integral calculus, though this was not known in the West at the time, and he had no contact with Western scholars. [1]
|-
!Triple DES
| KO 1,2,3 (56,112,168) || ECB,CBC ||


[edit]
|-
Differential calculus
! AES
Main article: Derivative
| 128/192/256 || ECB,CBC ||


The derivative measures the sensitivity of one variable to small changes in another variable. Consider the formula:
|-
![http://csrc.nist.gov/publications/fips/fips180-2/fips180-2withchangenotice.pdf/ SHS (including all variants: SHA-1, SHA-256, SHA-384, and SHA-512)]
| N/A || N/A ||


  for an object moving at constant speed.
|-
One's speed in a car describes the change in location relative to the change in time. However, the speed itself may be changing and the formula above cannot account for that. Calculus deals with this more complex but natural and familiar situation.
! HMAC
|
SHA-1, SHA-256,
SHA-384, SHA-512
||
  KeySize < BlockSize,
KeySize = BlockSize,  
KeySize < BlockSize
||


Differential calculus determines the instantaneous speed, at any given specific instant in time, not just average speed during an interval of time. The formula Speed = Distance/Time applied to a single instant is the meaningless quotient "zero divided by zero". This is avoided, however, because the quotient Distance/Time is not used for a single instant (as in a still photograph), but for intervals of time that are very short.
|-
! RNG
| N/A
|| 
FIPS 186-2 General Purpose( x-Change Notice );
( SHA-1 )
||


The derivative answers the question: as the elapsed time approaches zero, what does the average speed computed by Distance/Time approach? In mathematical language, this is an example of "taking a limit."
|-
 
! DSA
More formally, differential calculus defines the instantaneous rate of change (the derivative) of a mathematical function's value, with respect to changes of the variable. The derivative is defined as a limit of a difference quotient.
| 512-1024 ||
 
PQG(gen) PQG(ver)  
The derivative of a function gives information about small pieces of its graph. It is directly relevant to finding the maxima and minima of a function — because at those points the graph is flat (i.e. the slope of the graph is zero). Another application of differential calculus is Newton's method, an algorithm to find zeroes of a function by approximating the function by its tangent lines. Differential calculus has been applied to many questions that are not first formulated in the language of calculus.
PRIME SIGN(gen) SIGN(ver)  
 
KEYGEN(Y)  
The derivative lies at the heart of the physical sciences. Newton's law of motion, Force = Mass × Acceleration, has meaning in calculus because acceleration is a derivative. Maxwell's theory of electromagnetism and Einstein's theory of gravity (general relativity) are also expressed in the language of differential calculus, as is the basic theory of electrical circuits and much of engineering.
||
 
[edit]
Integral calculus
Main article: Integral
 
The definite integral evaluates the cumulative effect of many small changes in a quantity. The simplest instance is the formula


|-
! RSA
| 1024-8092 || 
ALG[RSASSA-PKCS1_V1_5];  SIG(gen); 
SIG(ver);
||
   
   
for calculating the distance a car moves during a period of time when it is traveling at constant speed. The distance moved is the cumulative effect of the small distances moved in each of the many seconds the car is on the road. The calculus is able to deal with the natural situation in which the car moves with changing speed.
|}


Integral calculus determines the exact distance traveled during an interval of time by creating a series of better and better approximations, called Riemann sums, that approach the exact distance.
In this validation, we should validate AES and Triple DES first because their
implementations are stable.  When the new SHA-1 implementation for
AMD64/EM64T is checked in, we should test SHS because RNG and DSA depend on
SHA-1.  After SHS is tested, we can test HMAC.  Finally, when the new big num
library code is checked in, we can test the rest of the algorithms (RNG, DSA,
and RSA).


More formally, we say that the definite integral of a function on an interval is a limit of Riemann sum approximations.
=== Dependant Bugs ===
{| border="1" cellpadding="2"
|-
! Bug !! Description !! Completed
|-
|[https://bugzilla.mozilla.org/show_bug.cgi?id=259135 259135] || power-up self-tests needed for SHA-256,384,512 and AES || ?
|-
| [https://bugzilla.mozilla.org/show_bug.cgi?id=294106 294106] || Implement the recommended PRNG changes described in FIPS 186-2 Change Notice 1 || ?
|-
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298506 298506 ] || Implement logging for auditable events required by FIPS 140-2 || ?
|-
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298511 298511 ] || Implement ANSI RNG  for FIPS 140-2 || ?
|-
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298512 298512 ] || Ensure the seed and seed key input for RNG do not have same value for FIPS 140-2 || ?
|-
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298513 298513 ] || Implement pairwise consistency test for key transport key generation FIPS 140-2 || Completed
|-
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298514 298514 ]|| Implement pairwise consistency for digitial signature key generation for FIPS 140-2 || Completed
|-
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298516 298516 ] || Implement minimum length of PINs for FIPS 140-2 mode || Patch submitted
|-
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298517 298517 ] || Implement minimum time intervals for login attempts failures for FIPS 140-2 || Patch submitted
|-
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298518 298518 ] || Implement FIPS module failure if Non-approved Algorithms are used for FIPS 140-2 || ?
|-
| [https://bugzilla.mozilla.org/show_bug.cgi?id=298520 298520 ] || Implement key establishment must be as secure as the strength of the key being transported for FIPS 140-2 || ?
|-
|[https://bugzilla.mozilla.org/show_bug.cgi?id=298522 298522 ] || Implement more power-up self tests, such as HMAC, RSA for FIPS 140-2 || ?
|}


Applications of integral calculus arise whenever the problem is to compute a number that is in principle (approximately) equal to the sum of the solutions of many, many smaller problems.
=== Testing Lab ===
[http://www.bkpsecurity.com/ BKP Security ]


The classic geometric application is to area computations. In principle, the area of a region can be approximated by chopping it up into many very tiny squares and adding the areas of those squares. (If the region has a curved boundary, then omitting the squares overlapping the edge does not cause too great an error.) Surface areas and volumes can also be expressed as definite integrals.
=== FIPS Information ===


Many of the functions that are integrated are rates, such as a speed. An integral of a rate of change of a quantity on an interval of time tells how much that quantity changes during that time period. It makes sense that if one knows their speed at every instant in time for an hour (i.e. they have an equation that relates their speed and time), then they should be able to figure out how far they go during that hour. The definite integral of their speed presents a method for doing so.
[http://csrc.nist.gov/cryptval/ NIST Cryptographic Module Validation Program ]


Many of the functions that are integrated represent densities. If, for example, the pollution density along a river (tons per mile) is known in relation to the position, then the integral of that density can determine how much pollution there is in the whole length of the river.
[http://csrc.nist.gov/CryptoToolkit/ NIST Crypto Toolkit ]


Probability, the basis for statistics, provides one of the most important applications of integral calculus.
== NSS FIPS 140-2 Validation Docs ==


[edit]
[[ NSSCryptoModuleSpec | NSS FIPS 140-2 Validation Docs ]]
Foundations
The rigorous foundation of calculus is based on the notions of a function and of a limit; the latter has a theory ultimately depending on that of the real numbers as a continuum. Its tools include techniques associated with elementary algebra, and mathematical induction.


The modern study of the foundations of calculus is known as real analysis. This includes full definitions and proofs of the theorems of calculus. It also provides generalisations such as measure theory and distribution theory.
== FIPS 140-2 Vendor Requirement Docs ==


[edit]
[[ FIPS 140-2 Vendor Requirement Docs ]]
Fundamental theorem of calculus
The fundamental theorem of calculus states that differentiation and integration are, in a certain sense, inverse operations. More precisely, antiderivatives can be calculated with definite integrals, and vice versa.
 
This connection allows us to recover the total change in a function over some interval from its instantaneous rate of change, by integrating the latter.
 
This realization, made by both Newton and Leibniz, was key to the massive proliferation of analytic results after their work became known.
 
The fundamental theorem provides an algebraic method of computing many definite integrals --without performing limit processes--by finding formulas for antiderivatives. It is also a prototype solution of a differential equation. Differential equations relate an unknown function to its derivatives, and are ubiquitous in the sciences.
 
1st Fundamental Theorem of Calculus: If a function f is continuous on the interval [a, b] and F is an antiderivative of f on the interval [a, b], then
 
2nd Fundamental Theorem of Calculus: If f is continuous on an open interval I containing a, then, for every x in the interval,
 
[edit]
Applications
The development and use of calculus has had wide reaching effects on nearly all areas of modern living. It underlies nearly all of the sciences, especially physics. Virtually all modern developments such as building techniques, aviation, and other technologies make fundamental use of calculus. Many algebraic formulas now used for ballistics, heating and cooling, and other practical sciences were worked out through the use of calculus. In a handbook, an algebraic formula based on calculus methods may be applied without knowing its origins.


The success of calculus has been extended over time to differential equations, vector calculus, calculus of variations, complex analysis, and differential topology.
This page was last updated by: --[[User:Glen|Glen]] 15:12, 28 Jul 2005 (PDT)
Justdave
Confirmed users, Bureaucrats and Sysops emeriti
674

edits

Retrieved from "https://wiki.mozilla.org/Special:MobileDiff/11330"