7

I've recently been tasked with a research project to write a "secure messaging application" using "government approved protocols" (the government being the USA). I'm taking this to mean asymmetric encryption and government approved cryptographic algorithms, AKA FIPS 140(-1?), and hashing (FIPS 180-x).

Some Android devices such as the Galaxy S4 and HTC One are advertised as being FIPS certified.

  1. Does application level code get to take advantage of the certified implementation on these devices? E.G., if I use the standard Android/Java API's to open an HTTPS connection, or generate a SHA256 hash, would those calls be done with a FIPS certified implementation?

    If so:

    • that would mean they've replaced the default android JCE provider, correct?
    • is there any way to determine that a FIPS certified JCE is available?

    If not:

    • in order to make a FIPS certifiable app, at the minimum one would need to use JNI to call out to a FIPS certified OpenSSL implementation, or an alternative pure java JCE provider, correct? (outside of creating a custom implementation)
    • assuming using a FIPS certified OpenSSL implementation, this would mean that any secure networking calls (HTTPS for example), would have to be done either in native code (C) invoking the OpenSSL implementation, or use JNI to invoke the OpenSSL libraries? That would seem to be very cumbersome.
    • Are there any FIPS certified pure-java JCE providers that will work with Android? Open Source or reasonably low cost preferred. I've looked at the list, but it's hard to tell what's something a developer can get ahold of and use in an app, vs an OEM. The two that jump out are RSA's Jsafe, and IBM's JCE. RSA's is the only one that appears to be certified on Android, but best I've been able to find out it's upwards of $200,000, which would be too pricy for a small research project. But assuming it's out there and works, I could perhaps proceed using something like Spongy Castle using the same algorithms, and hopefully just changing out the provider would work (e.g., if somebody wanted to foot the bill.)
Mark
  • 191
  • 1
  • 5

3 Answers3

6

Does application level code get to take advantage of the certified implementation on these devices?

Yes. As a component of a secure system you may make a claim like 'we are using OpenSSL FIPS Object Module 1.2 (Validation #1051 awarded 2008-11-17.) for encryption'.

that would mean they've replaced the default android JCE provider, correct?

Correct. Sun/Oracle do not have a FIPS validated module.

is there any way to determine that a FIPS certified JCE is available?

Yes, IBM has one 'IBM Java JCE 140-2 Cryptographic Module' You may want to look at the FIPS 140-1 and FIPS 140-2 Vendor List

in order to make a FIPS certifiable app, at the minimum one would need to use JNI to call out to a FIPS certified OpenSSL implementation, or an alternative pure java JCE provider, correct?

No. At a minimum you must make a convincing formal security argument that your application has a theory of secure functioning and that it will operate in the secure mode or it will cease functioning. There are many specific requirements for FIPS validation and simply using a secure component does not even get you a fraction of the way to validation. It would be like putting a Fararri engine in your compact and calling it a race car.

assuming using a FIPS certified OpenSSL implementation, this would mean that any secure networking calls (HTTPS for example), would have to be done either in native code (C) invoking the OpenSSL implementation, or use JNI to invoke the OpenSSL libraries? That would seem to be very cumbersome.

It is actually much much worse than that. For FIPS approval you must show that another application running on the same hardware can not interfere with the secure functioning of your application, which usually means that the Operating system has specific security controls and that the hardware supports the OS security controls. Yes thats right:

Your general purpose Android application will only be validated for a specific piece of hardware with a specific version on Android OS

For example 'Android Ice Cream Sandwich 4.0 running on Galaxy S2 and Galaxy S3'

Are there any FIPS certified pure-java JCE providers that will work with Android? Open Source or reasonably low cost preferred.

Unlikely to find at low cost.

I could perhaps proceed using something like Spongy Castle using the same algorithms, and hopefully just changing out the provider would work (e.g., if somebody wanted to foot the bill.)

No as the cryptographic provider is integral to the security argument. The real work is making the security argument, not creating the application.

this.josh
  • 8,843
  • 2
  • 29
  • 51
  • 3
    Sun/Oracle has nothing to do with it. Google provides the JCE used on Android. You'll also note that the "IBM Java JCE 140-2 Cryptographic Module" is not certified on any version of Android http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/1401val2009.htm#1081 – Mark Jan 17 '14 at 14:44
2

Let's not conflate concepts. There are approved algorithms and approved implementations.

To use an "approved algorithm" (or protocol), you use, say, SHA-256. This is a mathematically defined function. There is one SHA-256; as long as the code you use implements SHA-256 as per the standard, then you are using an "approved algorithm".

An approved implementation is a system which has been formally verified, by NIST, that it is "correct" for some definition of correctness. Such a verification is long, expensive, and involves a lot of audit and paper (we are talking about dozens of thousands of pages and dozens of thousands of dollars here). Opensource projects, as a rule, don't have time, funds or envy to do that; this happens only upon specific sponsoring by some corporation who requires the certification stamp in order to sell some product to an inflexible government.

Are you sure you want an approved implementation ? This looks weird, because approved implementations don't make much sense except as part of an overall application which is equally certified -- and you would know it.

Tom Leek
  • 168,808
  • 28
  • 337
  • 475
  • I've updated the first question to resolve the ambiguity over algorithm vs implementation. I believe I have not mixed the terms up anywhere else. The idea is to build an application that *could* pass muster. It's a pretty loosely defined informal project, but if a FIPS implementation is available (say, from the device manufacturer), or be fairly simple to switch from, say Spongy Castle to JSAFE with minimal code changes. – Mark Jan 17 '14 at 00:41
2

If you need “government approved protocols”, then the requirement is that you use algorithms and protocols that are codified by a government and approved for use by this government. Going out on a limb and assuming that said government is the US government, that means you must use algorithms specified by current NIST publications.

Most of the major cryptographic building blocks are specified by NIST in FIPS or NIST publications and approved for US government products. A handy list of algorithms is the ones for which NIST runs a validation program; this includes:

Most well-designed products that use cryptography use these algorithms, so “government approved algorithms” is a common requirement even from non-governmental entities. It doesn't really say much more than “use good crypto algorithms that everybody knows as such”.

Communication protocols are less often specified by governments, so you may want to clarify how that requirement applies to protocols. The de facto standard for protocols over the Internet is RFC.

NIST runs a cryptographic module validation program. A FIPS 140 certificate is a stamp given out by the US government that certifies that an accredited laboratory has tested the implementation and found it conforming. FIPS 140 level 1 (that's FIPS 140-2 level 1, the -2 being the version of the standard) requires little more than computing some sample values and verifying that they are correct; higher levels (which you won't find on an Android device) have some security requirements.

Unless your requirements specify that you must use a government-approved implementation of these algorithms, then you don't need to look for any particular certificate on the implementation. Obtaining a certificate costs time and money, so as a rule vendors of mass market products go through the hassle. You can see the full list of validated products (or more precisely modules) on the NIST web site.

The main reason to get a FIPS certificate is to sell to the US government. For a research project, it's very unlikely that you'd need to have one, unless the goal of the project is to build a system containing an Android device that is itself FIPS-certified. Given the phrasing of your request, it is likely that all you need is to use the right algorithms (which you'd want to do anyway).

Gilles 'SO- stop being evil'
  • 50,912
  • 13
  • 120
  • 179
  • I updated the question to include the country (USA). I know well the difference between a protocol and an algorithm, I know what the IETF is, and in fact I linked in my question to the list of validated products. The idea is to develop something that could, with a few small changes, possibly be sold to an agency requiring FIPS certification, to be installed on devices that have already received certification. – Mark Jan 17 '14 at 00:52
  • @Mark Then you don't care at this point. You'll want to use algorithms that can be certified, but during development it won't matter whether the devices you use are already certified. Your code is likely to work on any device with the right Android version anyway. If your customer requires a FIPS certification, you'll have to certify your code as part of it, and then they'll need to decide which device they want to use. – Gilles 'SO- stop being evil' Jan 17 '14 at 01:01
  • Actually, I do care. If the device provides an already certified implementation, then it might well make sense to restrict the app to devices that provide such, rather than spending huge amounts of time and effort to leverage OpenSSL or $ on a commercial solution. – Mark Jan 17 '14 at 02:54