Security Policy
Jump to navigation
Jump to search
This is a draft document.
Authentication Policy
Results of FIPS 140-2 Level 2 Validation of NSS Cryptographic Module 3.11.5
| FIPS 140-2 Section |
Description |
Validation Level Obtained |
| 1.0 |
Cryptographic Module Specification |
2 |
| 2.0 |
Cryptographic Module Ports and Interfaces |
2 |
| 3.0 |
Roles, Services, and Authentication |
2 |
| 4.0 |
Finite State Model |
2 |
| 5.0 |
Physical Security |
2 |
| 6.0 |
Operational Enviroment |
2 |
| 7.0 |
Cryptographic Key Management |
2 |
| 8.0 |
EMI/EMC |
2 |
| 9.0 |
Self-Tests |
2 |
| 10.0 |
Design Assurance |
2 |
| 11.0 |
Mitigation of Other Attacks |
2 |
| C |
Cryptographic Module Security Policy |
2 |
Platform List
- Level 1
- Red Hat Enterprise Linux 4 x86
- Windows XP Service Pack 2
- 64-bit Solaris 10 AMD64
- HP-UX B.11.11 PA-RISC
- Mac OS X 10.4
- Level 2
- Red Hat Enterprise Linux 4 x86_86
- 64-bit Trusted Solaris 8 SPARC
References
[1] P. Kocher, "Timing Attacks on Implementations of Diffie-Hellman, RSA, DSS, and Other Systems," CRYPTO '96, Lecture Notes In Computer Science, Vol. 1109, pp. 104-113, Springer-Verlag, 1996. (http://www.cryptography.com/timingattack/)
[2] D. Boneh and D. Brumley, "Remote Timing Attacks are Practical," http://crypto.stanford.edu/~dabo/abstracts/ssl-timing.html.
[3] C. Percival, "Cache Missing for Fun and Profit," http://www.daemonology.net/papers/htt.pdf.
[4] N. Ferguson and B. Schneier, Practical Cryptography, Sec. 16.1.4 "Checking RSA Signatures", p. 286, Wiley Publishing, Inc., 2003.