Your browser does not allow storing cookies. We recommend enabling them.


FIPS-Certified Cryptographic Library

Tectia Client, ConnectSecure, and Server can be operated in FIPS mode, using a version of the cryptographic library that has been certified according to the Federal Information Processing Standard (FIPS) 140-2.

The full OpenSSL cryptographic library is distributed with Tectia Client, ConnectSecure, and Server. However, only the algorithms provided by the fipscanister object in the library are used by Tectia Client, ConnectSecure, and Server. The OpenSSL FIPS-certified cryptographic library is used to provide the following classes of functions:

Table 3.1. APIs used from the OpenSSL library

APIDescriptionFunctions from OpenSSL
Random numbersFIPS-approved AES PRNG based on ANSI X9.32 is used from the OpenSSL library.FIPS_rand_*
AES ciphersVariants: ecb, cbc, cfb, ofb, ctrAES_*
DES ciphersVariants: ecb, cbc, cfb, ofbDES_*
3DES ciphersVariants: ecb, cbc, cfb, ofbDES_*
Math libraryBignum math library used by OpenSSL.BN_*
Diffie Hellman DH_*
Hash functionsVariants: sha1, sha-224, sha-256, sha-384, sha-512SHA1_*, SHA256_*, SHA512_*
Public KeyVariants: rsa and dsaRSA_*, DSA_*

No certificate functions are used from the OpenSSL library. Tectia provides its own certificate libraries.

The FIPS 140-2 Cryptographic Library is available on the operating systems supported by Tectia, except for Tectia Server for Linux on IBM System z and Tectia Server for IBM z/OS which do not support OpenSSL FIPS-certified cryptographic libraries. They support hardware acceleration on FIPS cryptographic operations.




What to read next:

  • Reduce Secure Shell risk. Get to know the NIST 7966.

    The NISTIR 7966 guideline from the Computer Security Division of NIST is a direct call to action for organizations regardless of industry and is a mandate for the US Federal government.
    Download now
  • ISACA Practitioner Guide for SSH

    With contributions from practitioners, specialists and SSH.COM experts, the ISACA “SSH: Practitioner Considerations” guide is vital best practice from the compliance and audit community.
    Download now