8.1 Crypto Officer Guidance
8.1.1 Module Installation
8.1.2 Operating Environment Configuration
Ransport
AES-GCM-IV
RSA and DSA Keys
8.2.6 Handling Self-Test Errors
8.2.7 Key Derivation Using SP 800-132 PBKDF
Figure legend: BC = block cipher. CC = circuit complexity. Crypto = cryptography. DS = digital signatures. EC = elliptic curves. FIPS = Federal Information Processing Standard. IR = Internal or Interagency Report (indicating, respectively, that the public NIST report was developed internally at NIST or in interagency collaboration). IRB = Interoperable Randomness Beacon. KM = key management. MPTC = multi-party threshold cryptography. LWC = lightweight cryptography. PEC = privacy-enhancing cryptography. PQC = post-quantum cryptography. RNG = random number generation. SP 800 = Special Publication in Computer Security.
Abstract. Signal Messenger recently introduced a new asynchronous key agreement protocol called PQXDH (Post-Quantum Extended Diffie-Hellman), designed to provide quantum forward secrecy in addition to the authenticity and confidentiality guarantees already offered by the earlier X3DH (Extended Diffie-Hellman) protocol. More precisely, PQXDH aims to protect the confidentiality of messages against harvest-now-decrypt-later attacks. In this work we formally specify the PQXDH protocol and analyze its security using two formal verification tools, ProVerif and CryptoVerif. In particular, we ask whether PQXDH preserves the guarantees of X3DH, whether it achieves quantum forward secrecy, and whether it can be deployed alongside X3DH. Our analysis identifies several flaws and potential vulnerabilities in the PQXDH specification, although, because of specific implementation choices that we describe in this paper, these vulnerabilities are not exploitable in the Signal application. To prove the security of the current implementation, our analysis notably highlights the need for an additional binding property of the KEM, which we formally define and prove for Kyber. We worked with the protocol designers to develop an updated protocol specification based on our findings, in which every change has been formally specified and verified. This work identifies several pitfalls that the community should be aware of when upgrading protocols for post-quantum security. It also demonstrates the practicality of using formal verification in tandem with protocol design.
7.1.1. Security Audit Generation (FAU_GEN.1, FAU_GEN.1/IPS, FAU_GEN.1/VPN, FAU_GEN.2, FPT_STM_EXT.1)
Security Audit Storage (FAU_STG.1, FAU_STG_EXT.1, FAU_STG_EXT.4, FAU_STG_EXT.5)
7.1.3. Cryptographic Support – Key Management (FCS_CKM.1, FCS_CKM.1/IKE, FCS_CKM.2, FCS_CKM.4, FCS_RBG_EXT.1, FMT_MTD.1, FMT_MTD.1/Crypto Keys, FPT_SKP_EXT.1)
7.1.4. Cryptographic Support – Algorithms (FCS_COP.1/Data Encryption, FCS_COP.1/Sig Gen, FCS_COP.1/Hash, FCS_COP.1/Keyed Hash)
Cryptographic Support – Protocols (FCS_HTTPS_EXT.1, FCS_IPSEC_EXT.1, FCS_NTP_EXT.1, FCS_TLSS_EXT.1, FCS_SSHS_EXT.1)
Cryptographic Support – Self Tests (FPT_TST_EXT.1, FPT_TST_EXT.3, FPT_FLS.1/Self Test)
7.1.7. Identification and Authentication – Password Authentication (FIA_AFL.1, FIA_UAU_EXT.1, FIA_UIA_EXT.1, FIA_PMG_EXT.1, FPT_APW_EXT.1)
Identification and Authentication – VPN (FIA_X509_EXT.1/Rev, FIA_X509_EXT.2, FIA_X509_EXT.3)
7.1.9. Security Management (FMT_MTD.1/Core Data, FMT_MOF.1/Functions, FMT_MOF.1/Services, FMT_SMF.1, FMT_SMF.1/VPN)
7.1.10. Trusted Update (FPT_TUD_EXT.1, FMT_MOF.1/Manual Update)
7.1.11. TOE Access (FTA_SSL_EXT.1, FTA_SSL.3, FTA_SSL.4, FTA_TAB.1)
7.1.12. Trusted Path / Channel Communications (FCO_CPC_EXT.1, FTP_ITC.1, FTP_ITC.1/VPN, FTP_TRP.1/Admin)
7.1.13. Stateful Traffic Filtering (FPF_RUL_EXT.1, FFW_RUL_EXT.1, FDP_RIP.2)
7.1.0. Intrusion Detection and Prevention (IPS_ABD_EXT.1, IPS_IPB_EXT.1, IPS_NTA_EXT.1, IPS_SBD_EXT.1)
7.2. NIST CAVP Certificates
7.3. Critical Security Parameters
7.4. IPv4 and IPv6 Transport Layer Protocols