FIPS PDF Print E-mail


Certicom FIPS Solutions


Pre-Validated FIPS


Pre-Validated FIPS for Open Source

 

Pre-Validated FIPS for .NET

 

Certicom FIPS Resources

Security Builder API for Open Source Technical Brief

Meeting Government Security Requirements

 

Certicom Security for Government Suppliers

 

Security Builder API Resources

 

Security Builder API for .NET Technical Brief


Product Sheets

Security Builder API for Open Source Datasheet

Security Builder API for .NET Datasheet

Security Builder API for Open Source Technical Brief

Security Builder API for .NET Technical Brief

Ask Our Experts

It takes significant investments of time and money to achieve FIPS validation. Meeting FIPS requirements can cost tens of thousands of dollars and take 8-12 months – assuming you get it right the first time. Most don’t.

In fact, according to NIST, 48% of cryptography functions have flaws and 30% of algorithms don’t conform to standards. Rather than slip competitive development schedules and strain tight project budgets, let Certicom enable you to meet FIPS requirements in hours with a proven solution that industry leaders are already using.

With a pre-approved FIPS 140-2 Validated level 1cryptographic module from Certicom, you can build government approved client and server side applications without having to go through the lengthy and costly FIPS approval process.

In addition, Certicom provides expanded number of crypto classes enables additional high security functions, such as Elliptic Curve Cryptography (ECC) algorithms, which significantly increase application security, boosts efficiency, and provides a lasting competitive advantage.

Pre-Validated FIPS for Open Source


It takes significant investments of time and money to achieve FIPS validation or Suite B level security using Open Source code. Meeting FIPS requirements can take 8-12 months – assuming you get it right the first time. Most don’t.

In fact, according to NIST, 48% of cryptography functions have flaws and 30% of algorithms don’t conform to standards. Given the development costs, the added hardware, and the support requirements, Open Source isn’t completely “free.” Rather than slip competitive development schedules and strain tight project budgets, software vendors can rely on third party support to supply crypto classes for OpenSSL implementations. This expanded number of crypto classes enables additional high security functions, such as Elliptic Curve Cryptography (ECC) algorithms, which significantly increase application security, boosts efficiency, and provides a lasting competitive advantage.

 

 

FIPS for Open Source

 


For over 20 years, industry leaders such as General Dynamics, Texas Instruments, RIM, and the NSA rely on Certicom technology because they recognize the value of intuitive programming, high-performance, guaranteed code, professional documentation, solution road maps, immediate FIPS Validation, Suite B-level security, and an enduring commitment to keeping up with evolving standards.

Increase number of transactions processed by 300%, meet Suite B security requirements, and automatically gain FIPS validation on all major platforms

Certicom Security Builder API for Open Source enables developers to dramatically improve the performance and enhance the security of their SSL and SSH applications with Elliptic Curve Cryptography (ECC) – without requiring developers to re-code.

 

Security Builder API

 


In addition, developers are able to plug into Certicom ECC cryptographic providers quickly and easily – gaining complete Suite-B level security, achieving FIPS 140-2 validation on all major platforms automatically, and enhancing performance to significantly increase the number of SSL/TLS transactions processed.

 


Key Benefits

Dramatically Improve Performance
Using 224-bit ECC in OpenSSL leads to a performance improvement that enables 300% more transactions to be processed in any given timeframe. This increased efficiency – which results from switching to ECC from RSA –is attributed to the small key size of ECC algorithms.1

Reduce Time-to-Market
Meeting FIPS requirements can take 8-12 months – assuming you get it right the first time. Most don’t. 48% of crypto modules have security flaws and 30% of algorithms do not conform to standard. 20% fail the second time around as well.2 Security Builder API for Open Source enables developers to plug in Certicom’s pre-approved cryptographic module and cryptographic providers– saving an enormous amount of development time without requiring any re-coding or changes to your legacy systems.

Meet Suite B and FIPS Requirements
Companies can’t sell products that use encryption to government agencies without FIPS validation. And since Government networks use a wide range of platforms, Certicom enables customer to meet FIPS 140-2 validation on all major platforms with a pre-approved cryptographic module. As the primary source of Suite B technology, Certicom can help you achieve complete Suite B compliance quickly and easily.

 

Security Builder API for Open Source Datasheet


Security Builder API for Open Source Technical Brief

 

Certicom Security Builder API for Open Source delivers tremendous performance and portability while enabling developers to dramatically enhance security, achieving complete Suite B-level security and automatic FIPS 140-2 validation for all major platforms and leading applications.

 
Security Builder API for Open Source with Certicom Crypto Provider
Security Builder API for Open Source with Certicom Crypto Provider and FIPS
Programming Language
C
C
Cryptographic Providers
Security Builder Crypto-C 5.x
Security Builder GSE-C 2.x*
Symmetric Encryption
AES, DES
AES, DES
Asymmetric Encryption
RSA
RSA
Key Agreement/Key Transport
ECDH
ECDH
Digital Signatures
ECDSA, RSA
ECDSA, RSA
Hash Functions
SHA-1, SHA-256, SHA-384, SHA-512, MD5
SHA-1, SHA-256, SHA-384, SHA-512, MD5
Random Number Generation
ANSI X9.62, FIPS 140-2 extension
ANSI X9.62, FIPS 140-2 extension
Implementation Code Size Range
200-275 KB
approx 1.1 MB
Open SSL Supported
0.9.8e
0.9.8e
Open SSH Supported
4.6p1
4.6p1
Platform Support
Linux ARM
Linux x86
Windows x86
Linux x86
Windows x86

 

* FIPS Certificate #542

Security Builder SSL-C vs. Open SSL: Comparing time required for authentication using ECDH/ECDSA cipher suites and RSA cipher suites**

 

SSL

 

Pre-Validated FIPS for .NET

In the government market, applications and products associated with the communication of sensitive data must meet FIPS requirements. It can take 8-12 months and significant budget. The .NET community can now meet this requirement in hours and show ROI.


"With Security Builder API for .NET, Certicom is providing a valuable tool for developers to add advanced security to applications built on .NET.” -Thom Robbins

Director .NET Platform

Product Management at Microsoft


Beyond government requirements, mobile devices are expected to work with a host of applications, networks, and other devices. By nature, remote devices are subject to interoperability and security concerns that are resolved by universal standards and effective porting of inherent security applications. Microsoft’s .NET Framework for Desktops and .NET Compact Framework for mobile devices makes it easy for developers to address interoperability issues, but doesn’t automatically port cryptographic functions. Certicom Security Builder API for .NET solves these issues by enhancing the security and flexibility of applications. By enabling complete FIPS 140-2 and Suite B-level security in mobile devices, developers can port existing security into and between .NET Frameworks to deliver superior security.

This comprehensive solution also functions inside the .NET environment as managed code, to offer the dual advantage of leveraging existing operating system interactions while still allowing calls to the native, unmanaged code maintained within the wrappers. This means code can be reused in any .NET Framework application, drastically speeding up development and increasing ROI.

 

Enable Suite B support for .NET applications and reduce development time


Certicom Security Builder API for .NET enhances the security and flexibility of your applications by enabling you to quickly and easily achieve complete Suite-B level security.


Whether you’re running applications on a desktop or a mobile device, Certicom enables you to port existing security into and between the .NET Framework and the .NET Compact Framework quickly and easily - saving you time and money while delivering superior security.

 

Windows Mobile


Security Builder API for .NET facilitates seamless access to a richer set of cryptographic classes, enabling you to achieve Suite B-level security and FIPS 140-2 validation. When used with a pre-approved cryptographic module that supports popular protocols including TLS and VPN in FIPS mode, Security Builder API for .NET can save you 8-12 months of development time.

Key Benefits


Increase ROI
Leverage your legacy systems, reduce development time required, and re-use existing code because components built using Security Builder API for .NET can be used by any of the 20+ approved .NET languages - including C# and Visual Basic. Security Builder API for .NET is also interoperable with Microsoft CAPI, the new Microsoft CNG architecture, and supports all .NET platforms.


Reduce Time-to-Market
Designed to the same standard as those supported by Microsoft, Security Builder API for .NET crypto classes integrate into the .NET Framework architecture with ease, cutting development time. The .NET API enables ECC-based security to be ported seamlessly between existing desktops to both the .NET and .NET Compact Frameworks. To speed up development even more and show how the APIs are used, Certicom also supplies C# and Visual Basic samples.


Achieve Suite B-level Security
Certicom is the only provider to enable legacy .NET applications and newer environments to attain complete Suite B-level security with highly optimized implementations. The .NET API also supports RFC 4492 and the new Suite B TLS and IPSec standards co-authored by the NSA.


Key Features


Security Builder API for .NET facilitates seamless access to a richer set of cryptographic classes, enabling you to achieve Suite B-level security and FIPS 140-2 validation. When used with a pre-approved cryptographic module that supports popular protocols including TLS and VPN in FIPS mode, Security Builder API for .NET can save you 8-12 months of development time.

 
Security Builder API for .NET
Security Builder API for .NET with FIPS
Cryptographic Providers
Security Builder Crypto-C 5.x
Security Builder GSE-C 2.x*
Symmetric Encryption
AES
AES
Asymmetric Encryption
N/A
N/A
Key Agreement/Key Transport
ECDH, ECMQV
ECDH, ECMQV
Digital Signatures
ECDSA
ECDSA
Hash Functions
SHA-1, SHA-256, SHA-384, SHA-512, MD5
SHA-1, SHA-256, SHA-384, SHA-512, MD5
Random Number Generation
ANSI X9.62, FIPS 140-2 extension
ANSI X9.62, FIPS 140-2 extension
Implementation Code Size Range
200-275 KB
approx 1.1 MB
Code Sample Languages
C#, Visual Basic
C#, Visual Basic

 

Platform Support .NET 1.0/1.1
Win32 .NET
Win64 .NET
Windows Mobile 2003
Windows Mobile 2003Emulator
Windows CE 4.x/ 5.x
.NET 2.0
Win32 .NET
Win64 .NET
Windows Mobile 2003
Windows Mobile 2003Emulator
Windows CE 5.x
.NET 1.0/1.1
Win32 .NET
Windows Mobile 2003
Windows Mobile 2003Emulator
Windows CE 4.x/ 5.x
.NET 2.0
Win32 .NET
Windows Mobile 2003
Windows Mobile 2003Emulator
Windows CE 5.x

* FIPS Certificate #542