by KMag 3987 days ago
The reason for requiring a FIPS-validated crypto provider is that it means the crypto provider has been audited by a vetted auditor. In order to carry sensitive information, the crypto needs to be audited by a vetted auditor. "The CIO's nephew totally coded up the crypto last Summer, just trust us that it's good" doesn't cut it when handling sensitive government data. In particular, it means that random values are generated by a FIPS-certified generator, not just

    srandom(time(NULL)^getpid());
    int x = random();
    int y = random();
    int z = random();

The government needs some kind of auditing standard and practice for systems that handle sensitive information. FIPS is far from perfect, but it gives a good lower bound on what the government is buying.
1 comments
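An added example, not part of the thread: it measures how many distinct seeds the `time ^ pid` pattern from the comment above can produce, next to a draw from the operating system's generator. The 64-second start window, the PID ceiling of 32767, the sample timestamp, and the use of `/dev/urandom` (the OS source, not a claim about any FIPS-validated module) are assumptions made for the illustration.

```c
#include <stdio.h>
#include <stdlib.h>

/* The seed expression from the comment, with time and PID passed in. */
static unsigned weak_seed(unsigned t, unsigned pid) { return t ^ pid; }

static int cmp_u(const void *a, const void *b)
{
    unsigned x = *(const unsigned *)a, y = *(const unsigned *)b;
    return (x > y) - (x < y);
}

/* Count distinct seeds for start times t0..t0+window-1 and PIDs 1..pid_max.
 * XOR lets many (time, pid) pairs collapse onto the same seed. */
long distinct_seeds(unsigned t0, unsigned window, unsigned pid_max)
{
    size_t n = (size_t)window * pid_max, k = 0;
    if (n == 0) return 0;
    unsigned *s = malloc(n * sizeof *s);
    if (!s) return -1;
    for (unsigned t = t0; t < t0 + window; t++)
        for (unsigned pid = 1; pid <= pid_max; pid++)
            s[k++] = weak_seed(t, pid);
    qsort(s, n, sizeof *s, cmp_u);
    long distinct = 1;
    for (size_t i = 1; i < n; i++)
        if (s[i] != s[i - 1]) distinct++;
    free(s);
    return distinct;
}

/* Hardened counterpart: take the three values from the OS generator. */
int os_random_triple(unsigned long out[3])
{
    FILE *f = fopen("/dev/urandom", "rb");
    if (!f) return -1;
    size_t got = fread(out, sizeof out[0], 3, f);
    fclose(f);
    return got == 3 ? 0 : -1;
}

int main(void)
{
    unsigned long r[3];
    /* Constructed inputs: sample timestamp, 64 s window, PIDs up to 32767. */
    printf("distinct weak seeds: %ld\n", distinct_seeds(1700000000u, 64, 32767));
    if (os_random_triple(r) == 0)
        printf("OS generator: %lx %lx %lx\n", r[0], r[1], r[2]);
    return 0;
}
```

With these inputs, roughly two million (time, PID) combinations collapse to 2^15 seeds, so `x`, `y` and `z` together carry about 15 bits of unpredictability.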

FIPS is bureaucratic government red tape, and nothing else. It gives the "US Department of Whatever" and their contractors someone to blame when there's a fuck up.

No one respected in cryptography that I've met, or read papers from, would stand behind it as a seal that'd mean anything in actual security (please, someone, prove me wrong: I want to see SOME light in this tunnel). There are private entities with much more sensitive information than the U.S. Government, and the ones that take it seriously easily surpass FIPS (in purpose, not paper) with good engineering, because they can't hide behind a rubber stamp.

Not too long ago, I was on a team that was required to keep a FIPS-certified (FIPS 140-2) binary blob in production for months while there were known exploits against it. If you actually care about keeping amateur algorithms and implementations out of sensitive situations (vs. "Proving You Care via Paperwork"), you'd do better to follow Google or Facebook's security blogs than FIPS, because they react faster.