SNIA-SDC23-CIQ-Allison-Build-FIPS-140.pdf

《SNIA-SDC23-CIQ-Allison-Build-FIPS-140.pdf》由会员分享，可在线阅读，更多相关《SNIA-SDC23-CIQ-Allison-Build-FIPS-140.pdf（19页珍藏版）》请在三个皮匠报告上搜索。

1、Build FIPS 140 into your storage productsJason Rodriguez(CIQ)Jeremy Allison(CIQ/Samba Team)What is FIPS?The Federal Information Processing Standards(FIPS)of the United States are a set of publicly announced standards that the National Institute of Standards and Technology(NIST)has developed for use

2、in computer systems of non-military,American government agencies and contractors.FIPS 140-2Mandatory standard for the protection of sensitive or valuable data within Federal systemsApril 1,2022-Cryptographic Module Validation Program(CMVP)no longer accepts FIPS 140-2 submissions for new validation c

3、ertificates.September 22,2026-All FIPS 140-2 certificates are placed on the Historical ListHistorical List-This does not mean that the overall FIPS-140 certificates for these modules have been revoked,rather it indicates that the certificates and the documentation posted with them are more than 5 ye

4、ars old and have not been updated to reflect latest guidance and/or transitions,and may not accurately reflect how the module can be used in FIPS mode FIPS 140-3FIPS 140-3 is an incremental advancement of FIPS 140-2.More restrictions on allowed algorithms and key sizes.Organizations regulating FIPS

5、National Institute of Standards and Technology(NIST)Cryptographic Algorithm Validation Program(CAVP)Cryptographic Module Validation Program(CMVP)The FIPS 140 standards documents are written by and for experts in cryptography,not mortal storage engineers.The most common comment from storage programme

6、rs(me)encountering FIPS standards for the first time is:“But what does that mean?”Cryptographic Algorithm Validation Program-CAVP Ensure algorithms meets NIST standards Algorithms testing is conducted by injecting known inputs to ensure algorithms function correctly Once testing has completed the CA