Reference Guide
38 Secure Operation of Crypto-C ME
RSA BSAFE Crypto-C Micro Edition 4.1.4 Security Policy Level 1
2.1.4 Crypto User Guidance on Obtaining Assurances for
Key Transport Applications
The module provides support for the recommendations for key transport in
SP 800-56B, which provides the methods to obtain these assurances. The table below
describes the SP 800-56B recommendations for key transport.
2.1.5 Information on Minimum Password Length
Key Derivation Threat Model:
If an adversary as access to 1 million Graphics Processing Units (GPUs), each of
which can process 1,000 million hashes per second
2
, they can perform 8.64 x 10
19
hashes per day.
For PBKDF2, with an iteration count of 10,000, where each iteration involves a
HMAC that requires at least 2 Hashes, the adversary has a 1 in 100,000 chance of
brute forcing a password in one day
3
if the password search space has 4.32 x 10
20
entries.
Minimum Password Length:
The minimum length (L) of a password generated using a cryptographically secure
random password generator to provide a search space of S entries depends on the size
(N) of the character set:
L= log
2
S/log
2
N
Table 11 Key Transport Recommendations
NIST SP800-56B
Recommendations
Module Capabilities and Recommendations
Assurance of Key-Pair
Validity
The module provides the API
R_CR_validate_key() to
explicitly validate an RSA Key Pair according to
SP 800-56B.
This API performs both a pairwise consistency test and a key
pair validation according to “
basic-crt” and “crt_pkv”
methods.
Assurance of Public Key
Validity
The module provides the API
R_CR_validate_key() to
explicitly validate the RSA public key according to
SP 800-56B and SP 800-89.
Assurance of Possession of
Private Key
Outside the scope of the module.
2
The hashcat benchmark figure for preforming SHA-512 hashes quoted by HOWTo: Crack Hashes Fast-
er in the Cloud! in 2017 was 210 million SHA-512 hashes per second on a Tesla K80 GPU.
3
This represents a less than 4% chance of success in 10 years.