Reference Guide

ManualsBrandsDell ManualsBSAFEBSAFE Crypto-J

Secure Operation of Crypto-C ME 23

RSA BSAFE Crypto-C Micro Edition 4.1 Security Policy

Level 1

• When using GCM feedback mode for symmetric encryption, the authentication

tag length and authenticated data length may be specified as input parameters, but

the Initialization Vector (IV) must not be specified. It must be generated

internally.

• In the case where the module is powered down, a new key must be used for AES

GCM encryption/decryption.

• For Password-based Key Derivation, the following restrictions apply:

– Keys generated using PBKDF2 shall only be used in data storage

applications.

– The minimum password length is 14 characters, which has a strength of

approximately 112 bits, assuming a randomly selected password using the

extended ASCII printable character set is used.

For random passwords (that is, a string of characters from a given set of

characters in which each character is equally likely to be selected), the

strength of the password is given by:

S=L*(log N/log 2) where N is the

number of possible characters (for example, for the ASCII printable character

set

N = 95, for the extended ASCII printable character set N = 218) and L

is the number of characters. A password of the strength

S can be guessed at

random with the probability of 1 in 2

– The minimum length of the randomly-generated portion of the salt is 16 bytes.

– The iteration count is as large as possible, with a minimum of 1000 iterations

recommended.

– The maximum key length is

-1)*b, where b is the digest size of the

message digest function.

– Derived keys can be used as specified in NIST Special Publication 800-132,

Section 5.4, options 1 and 2.

3.2 Roles

If a user of Crypto-C ME needs to operate the toolkit in different roles, then the user

must ensure all instantiated cryptographic objects are destroyed before changing from

the Crypto User role to the Crypto Officer role, or unexpected results could occur.

The following table lists the roles a user can operate in.

Table 5 Crypto-C ME Roles

Role Description

R_FIPS140_ROLE_OFFICER

An operator assuming the Crypto Officer role can call any Crypto-C ME

function. The complete list of the functionality available to the Crypto

Officer is outlined in “Services” on page 27.

R_FIPS140_ROLE_USER

An operator assuming the Crypto User role can use the entire Crypto-C ME

API except for

R_PROV_FIPS140_self_test_full(), which is reserved

for the Crypto Officer. The complete list of Crypto-C ME functions is

outlined in “Services” on page 27.