000035926 - RSA BSAFE Crypto-C ME Security Policy Update January 2018

Document created by RSA Customer Support Employee on Feb 3, 2018Last modified by RSA Customer Support Employee on Mar 8, 2018
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000035926
Applies ToRSA BSAFE® Crypto-C Micro Edition 4.1
RSA BSAFE® Crypto-C Micro Edition 4.1.0.1
RSA BSAFE® Crypto-C Micro Edition 4.1.2
RSA BSAFE® Crypto-C Micro Edition 4.1.3.2
IssueOn January 1st 2018, NIST moved the cryptographic module certificate numbers 2294 and 2300 to the Historical list, preventing any product referencing those certificates to be included by Federal Agencies's new procurements.
 
CauseThe CMVP announced their process for managing the transition of the AES key wrap method of key establishment at https://csrc.nist.gov/Projects/Cryptographic-Module-Validation-Program/Notices.

According to the notice the CMVP has removed the current FIPS 140-2 certificates for the BSAFE- C toolkits from the CMVP active validation list and put them in the historical list. These certificates are number 2294 and 2300, which cover the same Crypto-C ME releases for modules that have different validation levels for authentication. 
 
Certificates on the historical list cannot be found by normal searches of the CMVP validation list and cannot be sold to US government customers.

What caused the certificates 2294 and 2300 to be moved to the historical can be explained by the following: 
  1. CMVP are removing certificates that have the previously allowed AES key wrapping (as per the notice)
  2. CMVP certificates 2294 and 2300 are shared by CCME 4.1, 4.1.0.1, 4.1.2 and 4.1.3.2 releases
  3. CCME 4.1 does not provide AES key wrap implementation.
  4. CCME 4.1.0.1 has an implementation but was not able to validate symmetric key wrapping because CAVP test vectors were not available at time of validation. This implementation was hence marked as non-approved but allowed. This is no longer allowed by CMVP.
  5. CCME 4.1.2 has approved AES key wrap validated according to SP800-38F (AES certificate 3596)
  6. CCME 4.1.3.2 also has approved AES key wrap (AES certificate 4665)
 
The modules with validated AES key wrap are now on the historical list because they share he same module certificate with CCME 4.1.0.1 which does not have the same validation.

The current security policy for these modules shows CAVP certificates for AES key wrap for CCME 4.1.2 and CCME 4.1.3.2 and notes that CCME 4.1 and 4.1.0.1 are different.
ResolutionNew Security Policy documents have been submitted to CMVP that disallows the use of AES key wrap algorithms when using CCME 4.1 and 4.1.0.1 used in FIPS 140-2 mode.

As of January 31st 2018, the module certificates #2294 and #2300 are back on the validated list.

Please review the module certificates and new security policy documents at the following locations:

Attachments

    Outcomes