Page 11

Crypto-C ME Cryptographic Toolkit

2.5 Cryptographic Algorithms

CryptoC ME supports a wide variety of cryptographic algorithms. To achieve compliance with the FIPS

1402 standard, only FIPS 1402approved or allowed algorithms can be used in an approved mode of

operation. The following table lists the FIPS 1402approved algorithms supported by CryptoC ME.

Table 4.

Crypto-C ME FIPS 140-2-approved Algorithms

Algorithm

Validation Certificate

AES ECB, CBC, CFB, OFB, CTR, and CCM (all modes 128, 192, and

256-bit key sizes).

860

AES GCM and GMAC (all modes 128, 192, and 256-bit key sizes).

Vendor affirmed.

Triple-DES ECB, CBC, CFB (64-bit), and OFB.

707

Diffie-Hellman, EC-Diffie-Hellman, and EC-Diffie-Hellman with

Components.

Non-approved (Allowed in FIPS 140-2

mode).

DSA.

311

ECDSA.

98 and 100

FIPS 186-2 Pseudo Random Number Generator (PRNG) Change

Notice 1, with and without the mod q step.

492

Dual ECDRBG and HMAC-DRBG

RSA X9.31, PKCS#1 V.1.5, and PKCS#1 V.2.1 (SHA256 PSS).

412

RSA encrypt and decrypt.

Non-approved (Allowed in FIPS 140-2

mode for key transport).

SHA-1.

855

SHA-224, 256, 384, and 512.

855

HMAC-SHA1, SHA224, SHA256, SHA384, and SHA512.

477

The following algorithms are not FIPS 1402approved:

DES

MD2

MD5

HMAC MD5

DES40

RC2

RC4