Monday, February 28, 2011

FIPS compliant algorithms

Hi guys!

Distributed software
If you're building and distributing a software/product, you must be aware that some of the Encryption algorithms of the .NET Framework are considered "FIPS approved" (Federal Investigation Processing Standards) and others aren't.

What problems can cause this? Well, if you're using MD5 in your distribution and your customer is running your software on a machine configured to ensure FIPS, your software won't be working.

For instance, in Windows there is a setting called - "System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing". Enabling it, ensures that all applications on the PC are using algorithms which are approved by FIPS.

FIPS approved algorithms list
It's a good idea, to always check the Encryption algorithms you're using against the list of approved FIPS algorithms:
https://wiki.mozilla.org/FIPS_Validation

This way you'll ensure your software robustness and reliability.

More resources

http://csrc.nist.gov/groups/STM/cmvp/standards.html#02

http://technet.microsoft.com/en-us/library/cc780081%28WS.10%29.aspx

No comments: