OpenSSH use of OpenSSL in FIPS Mode

Joshua Hill josh-lists at untruth.org
Sat Mar 3 03:19:08 EST 2007


I Wrote Re: OpenSSH supporting the FIPS-a-fied OpenSSL:
> > Does it much matter?  

Bill Colvin responded:
> Yes it definitely does matter, particularly to government agencies (and
> more and more businesses) that are required to use FIPS certified crypto
> algorithms.
[...]
> The whole point behind getting FIPS certification for the OpenSSL source
> library is so that other open source applications (e.g. Apache or
> OpenSSH) can take advantage of it and provide applications that are only
> using FIPS Certified algorithms for those users that require it in their
> environments.

My point is that the OpenSSL validation does not accomplish the generally
desired end.  In order for a US federal agency to use hardware or
software to protect certain types of information, all the relevant crypto
functionality of that hardware or software needs to be covered by a FIPS
140 certificate.  The crypto functionality explicitly includes _all_
key establishment functionality, including the implementation of the
key establishment and data protection protocols (e.g., TLS and SSHv2).

The portion of the OpenSSL library that was actually evaluated only
include the cryptographic algorithms, and a bit of additional logic.

Thus, any product that includes the FIPS validated OpenSSL component,
and additionally includes some other crypto functionality (for example,
an implementation of the TLS protocol, the SSHv2 protocol, or really
almost anything else that is likely to be built on top of this particular
validated module) will need to go through its own separate FIPS 140
validation process.

			Josh



More information about the openssh-unix-dev mailing list