FIPS Validation
Jump to navigation
Jump to search
NSS FIPS 140-2 validation
Target Release: NSS 3.11
Platforms
- Level 1
- RHEL 4 x86
- Windows XP Service Pack 2
- 64-bit Solaris 10 AMD64
- HP-UX B.11.11 PA-RISC
- Mac OS X 10.4
- Level 2
- RHEL 3 or RHEL 4 x86 (see Note).
- 64-bit Trusted Solaris 8 SPARC
Note: Level 2 testing must be performed on an operating system that has received Common Criteria certification at level EAL2 or higher. Qualified operating systems today include RHEL 3 (EAL3), Trusted Solaris 8, and Windows 2000 (EAL4). If RHEL 4 achieves Common Criteria certification (at level EAL4) in time, we will perform level 2 testing on RHEL 4; otherwise we will do level 2 testing on RHEL 3.
Schedule
| Milestone | Item | Deps | Time | Who | Completed |
|---|---|---|---|---|---|
| M1 | Initial Setup | ||||
| 1a | Choose validation Lab, approve costs, and sign NDA | all | all | BKP Security | |
| 1b | Review FIPs 140-2 and compare to FIPS 140-1 | all | X | ||
| 1c | BKP Training course June 21st and June 22nd | glen,jullien,Darren,Wan-Teh,Bob | X | ||
| 1d | Define Algorithms, Key Sizes and modes | X (except ECC) | |||
| M2 | Complete NSS 3.11 FIPS dependant bugs | X | |||
| M3 | Update documentation (numbers in parentheses refer to sections in FIPS documentation) | ||||
| 3a. | (1.0) Security policy, new algorithms | 1d | 2 wks | all | ongoing |
| 3b. | Generate annotated source tree (LXR -> HTML) | M2 | glen | ongoing | |
| 3c. | (2.0) Finite State Machine | 3b | 3 wks | ||
| 3d. | (3.0/4.0) Cryptographic Module Definition | 3b | 2 wks | ||
| 3e. | (6.0) Software Security (rules-to-code map) | 3b | 2 wks | ||
| 3f. | (8.0) Key Management Generate 20K random #'s | 1 day | |||
| 3g. | (9.0) Cryptographic Algs | 3a | 3 days | ||
| 3h. | (10.0) Operational Test Plan | 1 day | |||
| 3i. | Document architectural changes between 3.2 and 3.11 | 5 days | |||
| M4 | Send docs to testing lab | ||||
| 4a. | Security Policy | all | ongoing | ||
| 4b. | Finite State Machine | 3c | |||
| 4c. | Module Def. / rules-to-code | 3d,3e | |||
| M5 | Operational validation | ||||
| 5a. | Algorithm testing | 1 month | |||
| 5b. | Operational testing | 3h | 1 week | ||
| 5c | set up machines for Lab to run operational tests on, provide Lab tech with access to machines (last time we both sent a box to the lab and set up a temporary account in the intranet for them) | ||||
| M6 | Internal QA of docs | M2-M5 | 1 week | all | |
| M7 | Communication between NSS team / Lab / NIST about status of validation / algorithm certificates | M1-5 | 3-6 mos | all |
Algorithms
Plan is to validate all FIPS-approved algorithms that NSS implements and NIST has tests for. There are eight such algorithms:
| Algorithms | Key Size | Modes | Testing Completed |
|---|---|---|---|
| Triple DES | KO 1,2,3 (56,112,168) | ECB,CBC | |
| AES | 128/192/256 | ECB,CBC | |
| SHS (including all variants: SHA-1, SHA-256, SHA-384, and SHA-512) | N/A | N/A | |
| RNG | N/A | FIPS 186-2( x-Change Notice );( SHA-1 )
FIPS 186-2 General Purpose( x-Change Notice );( SHA-1 ) |
|
| HMAC | SHA-1, SHA-256, SHA-384, SHA-512 | KeySize < BlockSize, KeySize = BlockSize, KeySize < BlockSize | |
| DSA | 512-1024 | PQG(gen) PQG(ver) PRIME SIGN(gen) SIGN(ver) KEYGEN(Y) | |
| RSA | 1024-8092 | ALG[RSASSA-PKCS1_V1_5]; SIG(gen); SIG(ver); | |
| Elliptic Curve DSA (ECDSA; as specified in ANSI X9.62) | ? | ? |
Dependant Bugs
| Bug | Description | Completed |
|---|---|---|
| 259135 | power-up self-tests needed for SHA-256,384,512 and AES | ? |
| 294106 | Implement the recommended PRNG changes described in FIPS 186-2 Change Notice 1 | ? |
| 298506 | Implement logging for auditable events required by FIPS 140-2 | ? |
| 298511 | Implement ANSI RNG for FIPS 140-2 | ? |
| 298512 | Ensure the seed and seed key input for RNG do not have same value for FIPS 140-2 | ? |
| 298513 | Implement pairwise consistency test for key transport key generation FIPS 140-2 | ? |
| 298514 | Implement pairwise consistency for digitial signature key generation for FIPS 140-2 | ? |
| 298516 | Implement minimum length of PINs for FIPS 140-2 mode | ? |
| 298517 | Implement minimum time intervals for login attempts failures for FIPS 140-2 | ? |
| 298518 | Implement FIPS module failure if Non-approved Algorithms are used for FIPS 140-2 | ? |
| 298520 | Implement key establishment must be as secure as the strength of the key being transported for FIPS 140-2 | ? |
| 298522 | Implement more power-up self tests, such as HMAC, RSA for FIPS 140-2 | ? |
Testing Lab
FIPS Information
NIST Cryptographic Module Validation Program