NIAP: View Details
NIAP/CCEVS
  NIAP  »»  Protection Profiles  »»  Technical Decisions  »»  View Details  
TD0107:  FCS_CKM - ANSI X9.31-1998, Section 4.1.for Cryptographic Key Generation
Publication Date
  09/14/2016
References
PP_APP_v1.1, PP_APP_v1.2, PP_MD_v2.0, PP_MDM_V2.0, PP_OS_v4.0, PP_OS_v4.1, PP_VPN_IPSEC_CLIENT_V1.4, PP_ND_VPN_GW_EPV1.1, PP_NDCPP_VPN_GW_EP_v2.0, PP_VOIP_V1.3
Issue Description

The referenced protection profiles (PPs) allow for the generation of asymmetric keys using RSA schemes that meet FIPS PUB 186-4, “Digital Signature Standard (DSS)”, Appendix B.3. or ANSI X9.31-1998, Section 4.1.

The PPs also include an Application Note with the statement “The ANSI X9.31-1998 option will be removed from the selection in a future publication of this document. Presently, the selection is not exclusively limited to the FIPS PUB 186-4 options in order to allow industry some further time to complete the transition to the modern FIPS PUB 186-4 standard.”

Resolution

Effective immediately, RSA schemes using ANSI X9.31-1998, Section 4.1 is no longer a valid selection.   NIAP will not accept products into evaluation that claim RSA schemes that meet ANSI X9.31-1998 Section 4.1.

Justification

Upon publication of FIPS 186-4 in July 2013, NIST only allows and tests for Key Generation as defined in FIPS 186-4.  



 
Site Map              Contact Us              Home