SNIA-SDC23-CIQ-Allison-Build-FIPS-140.pdf

《SNIA-SDC23-CIQ-Allison-Build-FIPS-140.pdf》由會員分享，可在線閱讀，更多相關《SNIA-SDC23-CIQ-Allison-Build-FIPS-140.pdf（19頁珍藏版）》請在三個皮匠報告上搜索。

1、Build FIPS 140 into your storage productsJason Rodriguez(CIQ)Jeremy Allison(CIQ/Samba Team)What is FIPS?The Federal Information Processing Standards(FIPS)of the United States are a set of publicly announced standards that the National Institute of Standards and Technology(NIST)has developed for use

2、in computer systems of non-military,American government agencies and contractors.FIPS 140-2Mandatory standard for the protection of sensitive or valuable data within Federal systemsApril 1,2022-Cryptographic Module Validation Program(CMVP)no longer accepts FIPS 140-2 submissions for new validation c

3、ertificates.September 22,2026-All FIPS 140-2 certificates are placed on the Historical ListHistorical List-This does not mean that the overall FIPS-140 certificates for these modules have been revoked,rather it indicates that the certificates and the documentation posted with them are more than 5 ye

4、ars old and have not been updated to reflect latest guidance and/or transitions,and may not accurately reflect how the module can be used in FIPS mode FIPS 140-3FIPS 140-3 is an incremental advancement of FIPS 140-2.More restrictions on allowed algorithms and key sizes.Organizations regulating FIPS

5、National Institute of Standards and Technology(NIST)Cryptographic Algorithm Validation Program(CAVP)Cryptographic Module Validation Program(CMVP)The FIPS 140 standards documents are written by and for experts in cryptography,not mortal storage engineers.The most common comment from storage programme

6、rs(me)encountering FIPS standards for the first time is:“But what does that mean?”Cryptographic Algorithm Validation Program-CAVP Ensure algorithms meets NIST standards Algorithms testing is conducted by injecting known inputs to ensure algorithms function correctly Once testing has completed the CA

7、VP will issue a public certificateThe certificate validates the algorithm is compliant on a specific Operating Environment(OE)Note running on a different Operating Environment means the certification is no longer valid.CAVP Examples of an Operating EnvironmentCryptographic Module Validation Program-

8、CMVP The module must have the following featuresKnown Answer Tests(KAT)sExecuted on startup or module load to ensure the health of the library algorithmsPairwise Consistency Tests(PCT)sPCTs are run against a newly generated or imported keysThe following checks are performed depending on the the algo

9、rithms capabilitiesPublic Key checkSign/Verify checkEncryption/Decryption checkIntegrity testsA hash of the module on disk is generated and compared against a known answerEnsure that any unapproved algorithm features are not executedCryptographic Module Validation Program(CMVP)-Lab validation Functi

10、onal testingCode is annotated with print statements to show each KAT/PCT runs successfully.Code is modified to inject failures into KATs/PCTs for on demand failures.Demonstrate that unapproved algorithms return an error on execution.OpenSSL is the only library with published functional test code.Roc

11、ky Linux is planning to change this.Source code reviewA source code review form is filled out for the lab.Source code review is conducted.Security PolicyThe security policy documents all approved/unapproved modes of operation.FIPS packages in Rocky LinuxFIPS Rocky 8.6NSS 3.79.0Libgcrypt 1.10.0Rolled

12、 forward from 1.8.5-7Kernel 4.18.0-425.13.1Rolled forward from 4.18.0-372.32.1Openssl 1.1.1Upstream EOL-09/11/2023GnuTLS 3.6.16BackportedFIPS Rocky 9.2NSS 3.79.0Libgcrypt 1.10.0Kernel 5.14.0-284-11.1Openssl 3.x3.x was redesigned for FIPs 140-3 GnuTLS 3.7.6FIPS Certified vs.FIPS Compliant.A FIPS Cert

13、ified product has gone through the entire certification process described in previous slides,and has been submitted to a NIST-approved laboratory and passed.It is being run on the certified operating environment.Run this code on a different motherboard,make one change to the BIOS(turn on Intel AESNI

14、 instructions if certified with AESNI-off,or turn them off if certified with AESNI-on)and the product is no longer certified.Some customers REQUIRE this level of assurance.Youll know if you run into one.Theyll tell you.Most customers do not.A FIPS Compliant product is based on the FIPS certified cod

15、e,but isnt being run on the certified operating environment.Most customers wanting FIPS will be satisfied with FIPS compliant code(Note:my personal opinion).What are unapproved algorithms?Applications that depend on unapproved algorithms can use the algorithm as long as the algorithm is not being us

16、ed for verification or security reasons(but why else do you need them?:-).Partial list of unapproved algorithms MD4/MD5 RC4 3DES GHASH RSA(non-compliant with key sizes below the minimums Approved for FIPS mode and with untested functions)HMAC(key size cra_flags)&mask)/*Algorithm is disallowed in FIP

17、S mode.*/crypto_mod_put(alg);alg=ERR_PTR(-ENOENT);Is adding FIPS going to increase my support burden?Oh YES!:-).Once FIPS mode is enabled in your product,network connections to older systems/non FIPS-compliant systems can break.TLS connections have restrictions as to negotiated algorithms/key length

18、s under FIPS.TLS is used in a lot of software to provide(appropriately enough)transport-level security.Test all support-critical components(admin and support tools)to ensure customer support can access FIPS systems.Train customer support people on common FIPS interoperability problems and how to ide

19、ntify them.FIPS-enabled systems are really only completely happy talking to FIPS-enabled systems.Remember,FIPS-140-3 is more restrictive than FIPS-140-2.Dealing with patches and updatesOnce you have a FIPS Certified product,ANY change to the certified Operating Environment will mean the product is n

20、o longer FIPS Certified.What about patching CVEs?FIPS Certified systems must be re-certified after patching.This means FIPS Certified systems dont get patched much:-).Re-validation is a faster process that allows CVE changes in FIPS modules to be re-evaluated quicker than a full certification.Patchi

21、ng a FIPS compliant library or the kernel(even for a severe CVE fix)means the code is no longer FIPS compliant.Vendors and customers have to chose between leaving potentially severe vulnerabilities unpatched,or losing FIPS compliance.CVE fixes in other components of the operating environment dont affect FIPS compliance.Questions and comments?