Canon imageFORMULA ScanFront 400 CAC/PIV ScanFront 400 CAC/PIV Configuration G - Page 35

Cryptography Configuration, Supported FIPS 140-2 Validated Encryption Algorithms

Get Canon imageFORMULA ScanFront 400 CAC/PIV PDF manuals and user guides View all Canon imageFORMULA ScanFront 400 CAC/PIV manuals
Add to My Manuals
Save this manual to your list of manuals

Page 35 highlights

3.4 Cryptography Configuration This section describes how to configure the cryptographic algorithms. Supported FIPS 140-2 Validated Encryption Algorithms • Symmetric Ciphers: 3DES, AES, (CBC, ECB, and CTS modes) • Digests: SHA-1, SHA-256, SHA-384, SHA-512 • Public Key Ciphers: RSA 1024, RSA 2048, RSA 3072, RSA 4096 (with direct access to raw keys (i.e., no certificate parsing)) • Keyed Hash: HMAC-SHA-1, HMAC-SHA-256 • Random Number Generator: FIPS 186-2-based PRNG, Dual EC DRBG (SP800-90) Supported Non FIPS Compliant Algorithms • Symmetric Ciphers: • Digests: • Keyed Hash: DES, RC2 (CBC and ECB modes only), and RC4 MD5 HMAC-MD5 Limited FIPS Compliant Algorithms • Asymmetric: • Symmetric: RSA (1024, 2048, 3072, 4096) AES/CBC/PKCS5Padding (128, 192, 256) AES/ECB/PKCS5Padding (128, 192, 256) Follow the procedure below to configure the default cryptographic algorithms and key sizes used in ScanFront 400 CAC/PIV. 1. Log on to the ScanFront 400 CAC/PIV device as the Administrator. For instructions on how to log on to the device as the Administrator, see Chapter 2, "Logging On," on p. 17. The Smart Card Reader configuration screen is displayed. 35 ScanFront 400 CAC/PIV V1.3.1 Configuration Guide

  • 1
  • 2
  • 3
  • 4
  • 5
  • 6
  • 7
  • 8
  • 9
  • 10
  • 11
  • 12
  • 13
  • 14
  • 15
  • 16
  • 17
  • 18
  • 19
  • 20
  • 21
  • 22
  • 23
  • 24
  • 25
  • 26
  • 27
  • 28
  • 29
  • 30
  • 31
  • 32
  • 33
  • 34
  • 35
  • 36
  • 37
  • 38
  • 39
  • 40
  • 41
  • 42
  • 43
  • 44
  • 45
  • 46
  • 47
  • 48
  • 49
  • 50
  • 51
  • 52
  • 53
  • 54
  • 55
  • 56
  • 57
  • 58
  • 59
  • 60
  • 61
  • 62
  • 63
  • 64
  • 65
  • 66
  • 67
  • 68
  • 69
  • 70
  • 71
  • 72
  • 73
  • 74
  • 75
  • 76
  • 77
  • 78
  • 79
  • 80
  • 81
  • 82
  • 83
  • 84
  • 85
  • 86
  • 87
  • 88
  • 89
  • 90
  • 91
  • 92
  • 93
  • 94
  • 95
  • 96
  • 97
  • 98
  • 99
  • 100
  • 101
  • 102
  • 103
  • 104
  • 105
  • 106
  • 107
  • 108
35
ScanFront 400 CAC/PIV V1.3.1 Configuration Guide
3.4
Cryptography Configuration
This section describes how to configure the cryptographic algorithms.
Supported FIPS 140-2 Validated Encryption Algorithms
Symmetric Ciphers:
3DES, AES, (CBC, ECB, and CTS modes)
Digests:
SHA-1, SHA-256, SHA-384, SHA-512
Public Key Ciphers:
RSA 1024, RSA 2048, RSA 3072, RSA 4096 (with
direct access to raw keys (i.e., no certificate parsing))
Keyed Hash:
HMAC-SHA-1, HMAC-SHA-256
Random Number Generator: FIPS 186-2-based PRNG, Dual EC DRBG (SP800-90)
Supported Non FIPS Compliant Algorithms
Symmetric Ciphers:
DES, RC2 (CBC and ECB modes only), and RC4
Digests:
MD5
Keyed Hash:
HMAC-MD5
Limited FIPS Compliant Algorithms
Asymmetric:
RSA (1024, 2048, 3072, 4096)
Symmetric:
AES/CBC/PKCS5Padding (128, 192, 256)
AES/ECB/PKCS5Padding (128, 192, 256)
Follow the procedure below to configure the default cryptographic algorithms and key
sizes used in ScanFront 400 CAC/PIV.
1.
Log on to the ScanFront 400 CAC/PIV device as the Administrator.
For instructions on how to log on to the device as the Administrator, see
Chapter 2,
“Logging On,”
on p. 17.
The Smart Card Reader configuration screen is displayed.