[Cscwg-public] FIPS token supporting RSA 3072
Adriano Santoni
adriano.santoni at staff.aruba.it
Mon Mar 15 17:12:06 UTC 2021
Bruce,
is that the only FIPS or CC portable crypto token available on the
market, supporting at least 3072-bits RSA keys ?
It seems to me there are not too many, and I think it would be a nasty
thing it there was only one....
Adriano
Il 14/01/2021 19:51, Bruce Morton via Cscwg-public ha scritto:
> SafeNet states that their eToken 5110 CC supports CC EAL5+, which I believe meets our requirement.
> https://cpl.thalesgroup.com/access-management/authenticators/pki-usb-authentication/etoken-5110-usb-token
> https://cpl.thalesgroup.com/sites/default/files/content/product_briefs/field_document/2020-09/SafeNet_eToken_5110_PB_v20.pdf
>
>
> Bruce.
>
> -----Original Message-----
> From: Cscwg-public <cscwg-public-bounces at cabforum.org> On Behalf Of Dean Coclin via Cscwg-public
> Sent: Thursday, January 14, 2021 1:22 PM
> To: Tomas Gustavsson <tomas.gustavsson at primekey.com>; cscwg-public at cabforum.org
> Subject: [EXTERNAL]Re: [Cscwg-public] FIPS token supporting RSA 3072
>
> Thanks, this is the same token our team looked into and it does NOT support what they advertise.
>
> Dean
>
> -----Original Message-----
> From: Cscwg-public <cscwg-public-bounces at cabforum.org> On Behalf Of Tomas Gustavsson via Cscwg-public
> Sent: Thursday, January 14, 2021 12:53 PM
> To: cscwg-public at cabforum.org
> Subject: [Cscwg-public] FIPS token supporting RSA 3072
>
> Hi,
>
> I think I found, memory is bad since before holidays, the token I looked at then.
>
> The YubiKey FIPS token is a bit strange:
> https://www.yubico.com/products/yubikey-fips/
> Here it says RSA 2048,
>
> but here
> https://support.yubico.com/hc/en-us/articles/360013729079--YubiKey-C-FIPS
>
> It says RSA3072 and 4096 with the OpenPGP module.
>
> The FIPS certificate gives some technical details on HW and firmware...
> https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/de
> tails?source=RSA&number=2569
>
> https://csrc.nist.gov/Projects/Cryptographic-Algorithm-Validation-Program/de
> tails?source=RSA&number=2569
>
> "SLE78CLUFX3000PH e58230b8 with Infineon CL70 1.03.006" is probably a very common chip to use, then it's the token vendor that has to to the FIPS validation of course...
>
> Still a bit confusing on the 3072 bit.
>
> Regards,
> Tomas
>
> _______________________________________________
> Cscwg-public mailing list
> Cscwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/cscwg-public
>
> _______________________________________________
> Cscwg-public mailing list
> Cscwg-public at cabforum.org
> https://lists.cabforum.org/mailman/listinfo/cscwg-public
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210315/897302c6/attachment.html>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 4557 bytes
Desc: Firma crittografica S/MIME
URL: <http://lists.cabforum.org/pipermail/cscwg-public/attachments/20210315/897302c6/attachment.p7s>
More information about the Cscwg-public
mailing list