2

What is the relationship between the Suite B algorithms and FIPS 140-2 certification? Does OpenSSL meet both criteria?

From what I've read, it seems that OpenSSL's crypto library implements many algorithms, and the FIPS 140-2 Object Module covers a subset of those algorithms. Further, it seems that Suite B is an even smaller subset of the FIPS 140-2 certified algorithm list.

Is this correct? Am I on the right path? Any clarity would be appreciated. Thanks.

Finer Recliner
  • 121
  • 1
  • 3

1 Answers1

5

"NSA Suite B" is a definition of algorithms that shall be implemented to be able to... claim "Suite B" support. It is more guidelines than anything else, aimed at improving interoperability. Having support for Suite B algorithms can be a requirement to sell products to the US Federal Government; however, in general, there is no rule which makes implementation of these algorithms mandatory, and no certification system which formally guarantees that you implemented these algorithms correctly.

FIPS 140-2 is a formal definition of security requirements for cryptographic modules; it defines "levels". In order to claim a level, you not only have to do everything as specified in FIPS 140-2 for that level, but also to do a thorough audit which verifies your claims. Implemented algorithms are only a small part of FIPS 140-2; it also encompasses things like physical shielding and background checks on developers. For the algorithms, there is a list of approved algorithms; algorithms outside that list are simply ignored by FIPS 140-2 (your module can implement them, but they are out of scope).

Since the US government has not (yet) fallen to the Absurdity Circle of Hell, the "suite B" algorithms are a subset of the algorithms covered by FIPS 140-2.

As for OpenSSL:

  • It implements many cryptographic algorithms, including the "Suite B" algorithms but also many others.
  • OpenSSL is not, by itself, certified to comply with any level of FIPS 140-2, but it includes a "module" which has obtained some official stamp at some point, subject to some conditions, which are explained here and there.

Bottom-line: anybody can claim "Suite B" support; that's just a claim. A FIPS 140-2 certification for some level is considerably more formal, expensive, and restrictive. Compliance to FIPS 140-2 levels often creep up in big organizations as requirements; e.g. if you want to build and operate a PKI which complies to WebTrust (and is declared as such by an independent audit firm), then keeping CA keys in Hardware Security Modules which have been certified FIPS 140-2 level 3 will help a lot.

Tom Leek
  • 168,808
  • 28
  • 337
  • 475