Certifications

FIPS 140-2 Certification

The Cryptographic Module Validation (CMV) Program of the National Institute of Standards and Technology (NIST) provides specifications for software and hardware products that employ cryptographic algorithms, cryptographic key generation and distribution techniques. Authentication techniques that are FIPS 140-2 approved are certified for protecting Federal Government sensitive unclassified information. Vendor products are tested for compliance to these specifications by NIST-approved testing laboratories.

Cryptographic Module

SSH Cryptographic Library (Software Version 1.2.0)
(When operated in FIPS mode)
Validated to FIPS 140-2

Affected Products

SSH Tectia^TM client/server solution 4.0 (and later)

Level/Description

Overall Level: 1

EMI/EMC: Level 3
Self-Tests: Level 4
Operational Environment: Tested as meeting Level 1 with Windows XP, Solaris 8, AIX 4.3.3, HP-UX 11i (single user mode).
In addition to these tested platforms, Cryptographic Library supports Windows 2000, Windows 2003 Server, Solaris 9, HP-UX 10.20 and RedHat Enterprise Linux versions 2.1 and 3.0.

FIPS-approved algorithms: AES (Cert. #52); DES (Cert. #207); Triple-DES (Cert. #162); DSA (Cert. #82); RSA (PKCS#1, vendor affirmed); SHA-1 (Cert. #145); HMAC-SHA-1 (Cert. #145, vendor affirmed)
Other algorithms: MD5; SHA-256; HMAC-MD5; HMAC-SHA-1 96; CAST-128; Blowfish; Twofish; Arcfour; Diffie-Hellman (key agreement)

Multi-chip standalone
"The SSH Cryptographic Library is a standards-based shared library providing FIPS 140-2 certified cryptographic services for SSH Communications Security's security products. The library provides a rich API and a comprehensive set of state-of-the-art algorithms including AES, 3DES, SHA-1, HMAC, RSA and DSA."

Links to Other Information

Security Policy
FIPS 140-2 Validation Certificate (Certificate Number #370 attained in 2003)
Press release by SSH on January 12, 2004

Certification

SSH Tectia Server for IBM z/OS is IBM ServerProven®.

Search: