OpenSSH use of OpenSSL in FIPS Mode

Bill Colvin Bill.Colvin at
Sat Mar 3 01:08:27 EST 2007

> -----Original Message-----
> From: Joshua Hill [mailto:josh-lists at] 

> Does it much matter?  

Yes it definitely does matter, particularly to government agencies (and
more and more businesses) that are required to use FIPS certified crypto

> Using any additional functionality that is relevant to FIPS 140 (which
> would certainly include any key management process, for example, the
> SSL or TLS protocol implemented within OpenSSL, or the SSH v2 protocol
> present for OpenSSH) necessitates a separate validation process and a
> separate certificate.

These protocols support a smorgasbord of crypto algorithms, and those
that are actually used in a particular session are negotiated to a
common acceptable set between the two parties.  If one of those parties
is operating in FIPS mode using openssl, then the set of algorithms
would be restricted to those supported.  I believe the algorithms that
have been certified are sufficient to support any of these protocols.

> For the FIPS 140 validation scheme, using a validated sub-module is
> a significant advantage for closed source software, but it's a fairly
> small advantage for an open-source library.

The whole point behind getting FIPS certification for the OpenSSL source
library is so that other open source applications (e.g. Apache or
OpenSSH) can take advantage of it and provide applications that are only
using FIPS Certified algorithms for those users that require it in their


More information about the openssh-unix-dev mailing list
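
The negotiation described in the message above, as an added example that is not part of the original post or of OpenSSH's code: per RFC 4253 section 7.1, each side sends ordered name-lists and the first client choice also present on the server's list wins. The contents of `FIPS_APPROVED` and the sample offers are assumptions constructed for illustration, not taken from any validation certificate.

```python
# Added illustration of SSH v2 algorithm negotiation (RFC 4253, section 7.1).
# FIPS_APPROVED is an assumption for this example, not a list taken from any
# validation certificate.
FIPS_APPROVED = {
    "cipher": {"aes128-cbc", "aes192-cbc", "aes256-cbc",
               "aes128-ctr", "aes192-ctr", "aes256-ctr", "3des-cbc"},
    "mac": {"hmac-sha1", "hmac-sha1-96"},
}

# Constructed sample preference lists in the style of a 2007-era client/server.
CLIENT_OFFER = {
    "cipher": ["blowfish-cbc", "arcfour128", "aes128-cbc", "3des-cbc", "aes256-ctr"],
    "mac": ["hmac-md5", "hmac-sha1", "hmac-ripemd160"],
}
SERVER_DEFAULT = {
    "cipher": ["aes128-cbc", "3des-cbc", "blowfish-cbc", "arcfour128", "aes256-ctr"],
    "mac": ["hmac-md5", "hmac-sha1", "hmac-ripemd160", "hmac-sha1-96"],
}


class NoCommonAlgorithm(Exception):
    """Raised when the two name-lists share no algorithm; the session must abort."""


def restrict_to_fips(offer):
    """Drop every non-approved name, keeping the original preference order."""
    return {kind: [n for n in names if n in FIPS_APPROVED[kind]]
            for kind, names in offer.items()}


def negotiate(client, server):
    """Pick, per kind, the first client name that the server also lists."""
    chosen = {}
    for kind, names in client.items():
        match = next((n for n in names if n in server[kind]), None)
        if match is None:
            raise NoCommonAlgorithm(kind)
        chosen[kind] = match
    return chosen


if __name__ == "__main__":
    print("default server:", negotiate(CLIENT_OFFER, SERVER_DEFAULT))
    print("FIPS server:   ", negotiate(CLIENT_OFFER, restrict_to_fips(SERVER_DEFAULT)))
```

A peer whose lists contain only names outside the approved set raises `NoCommonAlgorithm` against the restricted side, so the session fails instead of falling back to a non-approved algorithm.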