I am new to FIPS 140-2. Our application is using TLS 1.2 for communication with other systems. I am wondering if there are any requirements for TLS 1.2 to comply with FIPS? In other words, in order to be FIPS-compliant, what does our TLS 1.2 application need to do?
2 Answers
FIPS 140-2 is just some set of encryption/decryption algorithms that are used and monitored by the federal agency. TLS 1.2 is surely accepted as FIPS-compliant, but the underlying key exchange algorithm must be FIPS-compliant. For that, you can use some third-party libraries, for instance, BCFIPS.

TL;DR - it depends on your tech a bit, but in general: You need to use a blessed module tested by NIST to calculate crypto routines, as well as configure your OS and TLS libraries to use good ciphers and protocol versions only (read: make it as close to impossible to use unsupported settings as possible). If it's nginx, you need exactly the right version of openssl running and configured correctly (correct ciphers, TLS version and so on), and your OS needs to be in FIPS mode. If it's a JVM app, you need the exact right version of Bouncy Castle installed and configured correctly so that it replaces the default Sun TLS routines, as well as your OS in FIPS mode. On it goes for other types of apps. iirc Python uses openssl, so it's more like the nginx story...
Others probably know more than I do...but hopefully this helps start the journey to understanding.
More details:
FIPS 140-2 is a bit slippery to understand at first. Some folks say that they are doing "FIPS 140-2 compliant/compatible crypto ciphers", which makes it sound like they are meeting the criteria of the specification, but unfortunately that is different from actually using FIPS 140-2 validated cryptographic modules (as well as all the appropriate configuration of ciphers and so on).
If you are supporting FIPS 140-2 validated cryptography for something like NIST 800-53, then you are required to "do more things" than just configure TLS 1.2 correctly.
https://www.gsa.gov/cdnstatic/SSL_TLS_Implementation_%5BCIO_IT_Security_14-69_Rev_6%5D_04-06-2021docx.pdf has a reasonable summary of things to be aware of in section 3.
FIPS 140-2 compliant encryption is achieved when the following conditions are met:
- Implement FIPS 140-2 Encryption Modules AND enable the FIPS 140-2 Object Module
- Implement Secure Protocols
- Implement FIPS-approved Ciphers
- One or both sides of the communication session (client and/or server) must be set up in FIPS mode
Further, using validated cryptographic modules means the programs or hardware that calculate crypto routines must be on the list of blessed CMVP modules at NIST:
TLS implementation must use FIPS 140-2 validated cryptographic modules in order to achieve FIPS compliance. NIST maintains a list of FIPS 140-2 Cryptographic Modules (https://csrc.nist.gov/projects/cryptographic-module-validation-program/validated-modules/search). A cryptographic module may either be an embedded component of a product or application, or an individual product in-and-of-itself.
Obligatory Wikipedia reference, which makes more sense once you already know about the CMVP: https://en.wikipedia.org/wiki/FIPS_140-2#Compliance
An example of setting up your OS in FIPS mode: https://aws.amazon.com/blogs/publicsector/enabling-fips-mode-amazon-linux-2/ Red Hat and others have similar guides. For Windows or other OSes... your mileage may vary, but I'm sure someone has been crazy enough to do it.
OpenSSL has some notes on FIPS 140-2 that are somewhat entertaining and informative: https://wiki.openssl.org/index.php/FIPS_mode_and_TLS

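The configuration side of the checklist above (OS in FIPS mode, TLS 1.2 as the floor, approved ciphers only) can be audited from Python's `ssl` module. This is an added example, not code from either answer. It assumes a Linux host that exposes the kernel FIPS flag at `/proc/sys/crypto/fips_enabled`; the helper names and the token list are constructed for illustration. It checks settings only and says nothing about whether the underlying module is CMVP-validated.

```python
import ssl
from pathlib import Path

# Assumption: Linux kernel FIPS flag location ("1" means FIPS mode is on).
FIPS_FLAG = Path("/proc/sys/crypto/fips_enabled")

# Constructed, illustrative deny-list of algorithm tokens that are not
# FIPS-approved. The validated module's security policy is authoritative.
NON_APPROVED = ("RC4", "MD5", "CHACHA20", "CAMELLIA", "SEED", "IDEA", "NULL", "EXP")

def os_fips_enabled(flag_path=FIPS_FLAG):
    """True only if the flag file exists and contains '1'."""
    try:
        return Path(flag_path).read_text().strip() == "1"
    except OSError:
        return False

def non_approved(cipher_names):
    """Return the OpenSSL suite names that contain a deny-listed token."""
    flagged = []
    for name in cipher_names:
        tokens = name.upper().replace("_", "-").split("-")
        if any(t.startswith(bad) for t in tokens for bad in NON_APPROVED):
            flagged.append(name)
    return flagged

def tls12_context(cipher_string="ECDHE+AESGCM"):
    """Server context with TLS 1.2 as the minimum and a narrowed suite list."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    # set_ciphers() governs TLS 1.2 and below; TLS 1.3 suites are not
    # affected by it, so they can still show up in the audit output.
    ctx.set_ciphers(cipher_string)
    return ctx

def audit(ctx, flag_path=FIPS_FLAG):
    """Summarise the three settings the answer lists for one context."""
    names = [c["name"] for c in ctx.get_ciphers()]
    return {
        "os_fips_mode": os_fips_enabled(flag_path),
        "min_version": ctx.minimum_version.name,
        "non_approved": non_approved(names),
    }

if __name__ == "__main__":
    print(audit(tls12_context()))
```

On a host that is not in FIPS mode, `non_approved` will typically still list the TLS 1.3 ChaCha20 suite, which shows why a cipher string alone is not enough.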