Secure Operation of Crypto-C ME
RSA BSAFE Crypto-C ME 3.0.0.1 Security Policy
3 Secure Operation of Crypto-C ME
This section provides an overview of how to securely operate Crypto-C ME to be in compliance with the
FIPS 140-2 standards.
3.1 Crypto Officer and User Guidance
The Crypto Officer and User must only use algorithms approved for use in a FIPS 140 mode of
operation, as listed in Table 4, Crypto-C ME FIPS 140-2-approved Algorithms, on page 11. The
requirements for using the approved algorithms in a FIPS 140 mode of operation are as follows:
· The bit length for a DSA key pair must be 1024 bits.
· Bit lengths for an RSA key pair must be between 1024 and 4096 bits in multiples of 512.
· Bit lengths for an HMAC key must be between 80 and 4096 bits.
· EC key pairs must have named curve domain parameters from the set of NIST-recommended named curves (P-192, P-224, P-256, P-384, P-521, B-163, B-233, B-283, B-409, B-571, K-163, K-233, K-283, K-409, K-571). The module limits possible curves for Dual EC DRBG to P-256, P-384, and P-521 in accordance with SP 800-90.
· When using RSA for key wrapping, the strength of the methodology is between 80 and 150 bits of security.
· The Diffie-Hellman shared secret provides between 80 and 150 bits of encryption strength.
· EC Diffie-Hellman primitives must use curve domain parameters from the set of NIST-recommended named curves. Using NIST-recommended curves, the computed Diffie-Hellman shared secret provides between 80 and 256 bits of encryption strength.
· When using an approved RNG to generate keys, the requested security strength for the RNG must be at least as great as the security strength of the key being generated.
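The requirements above can be enforced in application code before any toolkit call is made. The following C check is an added example, not part of the Security Policy or of the Crypto-C ME API; every type and function name in it is hypothetical, and the caller is assumed to supply the security strength of the key.

```c
#include <stddef.h>
#include <string.h>

/* Hypothetical names throughout; none of these belong to the Crypto-C ME API. */
typedef enum { ALG_DSA, ALG_RSA, ALG_HMAC, ALG_EC, ALG_DUAL_EC_DRBG } alg_t;
typedef enum { REQ_OK, REQ_BAD_KEY_BITS, REQ_BAD_CURVE, REQ_WEAK_RNG } req_status_t;

typedef struct {
    alg_t alg;
    unsigned bits;          /* key length in bits (DSA, RSA, HMAC) */
    const char *curve;      /* named curve (EC, Dual EC DRBG) */
    unsigned key_strength;  /* security strength of the key, supplied by the caller */
    unsigned rng_strength;  /* security strength requested from the RNG */
} keygen_req_t;

static const char *const EC_CURVES[] = {
    "P-192", "P-224", "P-256", "P-384", "P-521",
    "B-163", "B-233", "B-283", "B-409", "B-571",
    "K-163", "K-233", "K-283", "K-409", "K-571" };
static const char *const DRBG_CURVES[] = { "P-256", "P-384", "P-521" };
#define COUNT(a) (sizeof(a) / sizeof((a)[0]))

static int in_set(const char *name, const char *const *set, size_t n) {
    if (name == NULL) return 0;
    for (size_t i = 0; i < n; i++)
        if (strcmp(name, set[i]) == 0) return 1;
    return 0;
}

/* Returns REQ_OK only if the request satisfies the section 3.1 requirements. */
req_status_t check_fips_request(const keygen_req_t *r) {
    switch (r->alg) {
    case ALG_DSA:   /* exactly 1024 bits */
        if (r->bits != 1024) return REQ_BAD_KEY_BITS; break;
    case ALG_RSA:   /* 1024..4096 bits in multiples of 512 */
        if (r->bits < 1024 || r->bits > 4096 || r->bits % 512) return REQ_BAD_KEY_BITS; break;
    case ALG_HMAC:  /* 80..4096 bits */
        if (r->bits < 80 || r->bits > 4096) return REQ_BAD_KEY_BITS; break;
    case ALG_EC:    /* NIST-recommended named curves only */
        if (!in_set(r->curve, EC_CURVES, COUNT(EC_CURVES))) return REQ_BAD_CURVE; break;
    case ALG_DUAL_EC_DRBG:  /* curve choice for the DRBG itself, no key generated */
        return in_set(r->curve, DRBG_CURVES, COUNT(DRBG_CURVES)) ? REQ_OK : REQ_BAD_CURVE;
    default:
        return REQ_BAD_KEY_BITS;
    }
    /* RNG strength must be at least the strength of the key being generated. */
    return r->rng_strength < r->key_strength ? REQ_WEAK_RNG : REQ_OK;
}
```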
3.2 Roles
If a user of Crypto-C ME needs to operate the toolkit in different roles, then the user must ensure that all
instantiated cryptographic objects are destroyed before changing from the Crypto User role to the
Crypto Officer role, or unexpected results could occur.