NIAP: View Technical Decision Details
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
Archived TD0107:  FCS_CKM - ANSI X9.31-1998, Section 4.1.for Cryptographic Key Generation

Publication Date

Protection Profiles
PP_APP_v1.1, PP_APP_v1.2, PP_MD_v2.0, PP_MDM_V2.0, PP_ND_VPN_GW_EP_v1.1, PP_NDCPP_VPN_GW_EP_V2.0, PP_OS_v4.0, PP_OS_V4.1, PP_VOIP_V1.3, PP_VPN_IPSEC_CLIENT_V1.4

Other References

Issue Description

The referenced protection profiles (PPs) allow for the generation of asymmetric keys using RSA schemes that meet FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.3. or ANSI X9.31-1998, Section 4.1.

The PPs also include an Application Note with the statement “The ANSI X9.31-1998 option will be removed from the selection in a future publication of this document. Presently, the selection is not exclusively limited to the FIPS PUB 186-4 options in order to allow industry some further time to complete the transition to the modern FIPS PUB 186-4 standard.”


Effective immediately, RSA schemes using ANSI X9.31-1998, Section 4.1 is no longer a valid selection.   NIAP will not accept products into evaluation that claim RSA schemes that meet ANSI X9.31-1998 Section 4.1.


Upon publication of FIPS 186-4 in July 2013, NIST only allows and tests for Key Generation as defined in FIPS 186-4.  

Site Map              Contact Us              Home