FIPS Warnings and Cautions

From OpenSSLWiki
Revision as of 18:44, 27 January 2014 by Stevem (talk | contribs) (moved FIPS Warnings and Cautions to FIPS:FIPS Warnings and Cautions: Create new namespace)
Jump to navigationJump to search

Software developers are the primary audience of this wiki, and as such naturally tend to focus on technical issues. When told to look into this thing called a "FIPS 140-2 validated module", the developer will focus on questions like: How do I build the FIPS module for this platform? How do I code my application to use it?

This wiki will attempt to address those questions, but there is a huge danger there. There is one and only one reason to use the OpenSSL FIPS Object Module, or the associated "FIPS capable" OpenSSL: because a non-technical policy specifically requires it. There is no advantage to using the FIPS module in any other circumstance; the cryptographic services proviced by the FIPS module are necessarily less secure, less maintainable, and have worse performance than those provided by an OpenSSL release of equal or later vintage. The FIPS module is used only because a specific customer or situation requires it, most commonly the U.S. Government and Department of Defense where procurement policies require that cryptographic implementations be FIPS 140-2 validated.

However, there is a lot more to satisfying those policy mandates than just getting the software to compile and run for your specific platform. FIPS 140-2 also imposes a number of what can be called ideological requirements that have no technical or practical basis and are not obvious or comprehensible to the typical software developer. The mere fact that a FIPS module (and/or FIPS capable OpenSSL) is running on a given platform does not mean that the result can be claimed as FIPS 140-2 validated.

The most obvious example is the requirement that the source code distribution be obtained from a snail-mailed CD and not downloaded from http://www.openssl.org/source/. That is true even though a cursory check will show both files to be bit-for-bit identical. A software developer thinks of bits as fungible and interchangeable, like electrons in a wire or drops of water in an ocean; a file (string of bits) copied or moved to another location is the same file. In the world of FIPS 140-2 they are not; the file copied from anywhere than the physical CD is not the same even though it is bit-for-bit identical. The world of FIPS 140-2 contains several such concepts that are incomprehensible to the uninitiated, and sometimes the topic of much discussion and disagreement among the test labs and specialists that work in that world extensively.

The purpose of this page is to present a warning that simply getting the FIPS module to compile and run for your platform(s) of interest is the least of your problems, as you need to satisfy the ideological requirements. That's the hard part, as those requirements are nowhere articulated clearly.

[more to come]