This document is scheduled to be published in the Federal Register on August 14, 2024, and is available online at https://federalregister.gov/d/2024-17956 and at https://govinfo.gov
Introduction
About this Document
Disclaimer
1. General
2. Cryptographic Module Specification
   2.1 Overall Security Design and Rules of Operation
       2.1.1 Usage of AES-GCM
       2.1.2 RSA and ECDSA Keys
       2.1.3 CSP Sharing
       2.1.4 Modes of Operation
3. Cryptographic Module Interfaces
4. Roles, Services, and Authentication
   4.1 Roles
   4.2 Authentication
   4.3 Services
5. Software/Firmware Security
   5.1 Module Format
6. Operational Environment
7. Physical Security
8. Non-invasive Security
9. Sensitive Security Parameter Management
10. Self-Tests
   10.1 Pre-Operational Self-Tests
   10.2 Conditional Self-Tests
11. Life-Cycle Assurance
   11.1 Installation Instructions
       11.1.1 Building for Android
       11.1.2 Building for Linux
       11.1.3 Retrieving Module Name and Version
12. Mitigation of Other Attacks
References and Standards
Acronyms
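Abstract: In today's digital landscape, cryptography plays a vital role in securing communications through encryption and authentication algorithms. While traditional cryptographic methods rely on hard mathematical problems for their security, the rise of quantum computing threatens their effectiveness. Post-quantum cryptography (PQC) algorithms, such as CRYSTALS-Kyber, are designed to withstand quantum attacks. The recently standardized CRYSTALS-Kyber is a lattice-based algorithm designed to resist quantum attacks. However, its implementation faces computational challenges, particularly in the Keccak-based functions, which are critical to security and are the basis of the FIPS 202 standard. Our paper addresses this technical challenge by designing a FIPS 202 hardware accelerator to improve the efficiency and security of CRYSTALS-Kyber. We chose to implement the entire FIPS 202 standard in hardware to broaden the accelerator's applicability to all possible algorithms that rely on such hash functions, while taking care to make realistic assumptions about system-level integration within a system-on-chip (SoC). We provide results in terms of area, frequency, and clock cycles for both ASIC and FPGA targets. Compared with state-of-the-art solutions, area is reduced by 22.3%. In addition, we integrate the accelerator in a security-oriented SoC based on a 32-bit RISC-V core, where we demonstrate strong performance gains in CRYSTALS-Kyber execution. The design proposed in this paper performs better across all Kyber1024 primitives, with an improvement of up to 3.21x in Kyber-KeyGen.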
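Deploying the YubiKey FIPS (Federal Information Processing Standards) Series gives organizations the option of strong authentication using any of the multiple protocols available on the YubiKey. Because not every problem can be solved with a single authentication protocol, the YubiKey FIPS Series includes the PIV, OATH, YubiOTP, and FIDO U2F protocols to address a variety of scenarios. FIPS guidelines and requirements are intended to ensure that, in a secure environment, only devices in FIPS-approved mode can be used to authenticate. To meet the FIPS requirements, corporate IT staff need to work closely with the compliance department to develop and implement robust processes. The Crypto Officer role mandated by FIPS must be incorporated into the user registration steps of the online service to meet the organization's security and business process needs.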
B.2.1 Configuration of Approved/Unapproved Modes
Use of CryptoServicesRegistrar.setApprovedOnlyMode(true)
Support
Curves
Use with OSGi
Format
References
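Federal Information Processing Standard (FIPS) 140-3 identifies the CMVP, a joint effort of the US and Canadian governments, as the validation authority for implementing a program utilizing the ISO/IEC 19790:2012 requirements standard and the ISO/IEC 24759:2017 derived test methods. The standard also established the CMVP technical requirements, which are contained in NIST Special Publication (SP) 800-140, SP 800-140A, SP 800-140B, SP 800-140C, SP 800-140D, SP 800-140E, and SP 800-140F, and their latest revisions. Cryptographic modules used within a security system protecting controlled unclassified information (hereinafter referred to as sensitive information) must satisfy these security requirements. This standard supersedes FIPS 140-2, Security Requirements for Cryptographic Modules, in its entirety. FIPS 140-3 is available online at https://doi.org/10.6028/nist.fips.140-3.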
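As the detection and prevention of cybersecurity threats become increasingly complex, government and federal agencies need solutions that not only provide strong security but also meet stringent regulatory and compliance standards. Forcepoint Next-Generation Firewall (NGFW) is designed to meet these critical needs, including compliance with Federal Information Processing Standards (FIPS) 140-3.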
Acronym     Term
EMI         Electromagnetic Interference
FCC         Federal Communications Commission
FIPS        Federal Information Processing Standard
GPC         General Purpose Computer
GUI         Graphical User Interface
HMAC        (Keyed-) Hash Message Authentication Code
KAT         Known Answer Test
MAC         Message Authentication Code
MD          Message Digest
NIST        National Institute of Standards and Technology
OS          Operating System
PKCS        Public-Key Cryptography Standards
PRNG        Pseudo Random Number Generator
PSS         Probabilistic Signature Scheme
RNG         Random Number Generator
RSA         Rivest, Shamir, and Adleman
SHA         Secure Hash Algorithm
SSL         Secure Sockets Layer
Triple-DES  Triple Data Encryption Algorithm
TLS         Transport Layer Security
USB         Universal Serial Bus
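• The purpose of this document.
• HPE documentation related to the content of this document.
• Where to obtain additional HPE Aruba Networking product information.
• Acronyms and abbreviations.
• The assurance security levels for each of the areas described in the FIPS 140-3 standard.

This release supplement provides information about the Hewlett Packard Enterprise OpenSSL 3 Provider software version 3.1.4a FIPS 140-3 Level 1 validation. HPE Aruba Networking is a Hewlett Packard Enterprise company. The material in this supplement modifies the general Hewlett Packard Enterprise software documentation included with this product and should be kept with your Hewlett Packard Enterprise product documentation. This supplement primarily covers the non-proprietary Cryptographic Module Security Policy for the Hewlett Packard Enterprise OpenSSL 3 Provider module, software version 3.1.4a. This security policy describes how the module meets the security requirements of FIPS 140-3 Level 1 and how to place and maintain the module in a secure FIPS 140-3 mode. This policy was prepared as part of the FIPS 140-3 Level 1 validation of the product.

FIPS 140-3 (Federal Information Processing Standards Publication 140-3, Security Requirements for Cryptographic Modules) details the U.S. Government requirements for cryptographic modules. FIPS 140-3 is aligned with ISO/IEC 19790:2012(E) and includes modifications of the Annexes that are allowed to the Cryptographic Module Validation Program (CMVP), as a validation authority. Testing for these requirements will be in accordance with ISO/IEC 24759:2017(E), with the modifications, additions, or deletions of vendor evidence and testing allowed as a validation authority under paragraph 5.2. More information about the FIPS 140-3 standard and validation program is available on the National Institute of Standards and Technology (NIST) website: https://csrc.nist.gov/projects/cryptographic-module-validation-program.

The product identified in this document contains confidential commercial software. A valid license is required. This document may be freely reproduced and distributed whole and intact, including the copyright notice. Copyright © 2024 Hewlett Packard Enterprise Company. Hewlett Packard Enterprise Company trademarks include HPE Aruba Networking®, HPE Aruba Wireless Networks®, the registered HPE Aruba Networking the Mobile Edge Company logo, HPE Aruba Networking Mobility Management System®, Mobile Edge Architecture®, Networks Must Follow®, RFProtect®, Green Island®. All rights reserved. All other trademarks are the property of their respective owners.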
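SHAKE128 and SHAKE256, to support implementations with respect to the length of the data output and the full data input before the XOF is invoked. This refers to allowing interleaved absorb and squeeze calls. I think this would be a great addition, but it should be combined with a warning about the need for domain separation and with one or more suggested reference solutions. Example solutions include XORing a nibble of a single-byte trailer, as done in Blink and/or in SHAKE-WRAP and SHAKE-BO, and/or using Tag-(Length)-Value in the channel. (Sidenote: given that the SP for Ascon is still being drafted, it may make sense to allow similar interleaving for Ascon-XOF in the initial SP or in a potential follow-up SP.)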