Application of C Based Cryptographic Module Operating in Java with Preservation of FIPS 140 Validation

Author

Hyunduk Choi ; Okyeon Yi

Author_Institution

Dept. of Financial Inf. Security, Kookmin Univ., Seoul, South Korea

fYear

2015

fDate

26-28 Jan. 2015

Firstpage

13

Lastpage

14

Abstract

Due to recent arise of cybercrime, importance of cyber security is highlighted more than ever. NIST has created Cryptographic Module Validation Program, namely CMVP, to validate security level of cryptographic modules for the United States Federal agencies: indeed, many are achieving the validation. According to the program, operating environments for any specific cryptographic module are fixed. In other words, running validated module in other software environment is strictly prohibited. However, this paper asserts that it is possible for a C based module to operate in Java environment without loss of validation as long as the module is running on a verified environment. We expect this paper to help saving great amount of time and costs for developing another cryptographic module for the same operating purpose.

Keywords

C language; Java; computer crime; cryptography; program verification; C based cryptographic module; CMVP; FIPS 140 validation preservation; Java environment; NIST; United States Federal agencies; cryptographic module validation program; cybercrime; software environment; Cryptography; Information security; Java; Libraries; NIST; Software; CMVP; Cryptographic Module; JNI;

fLanguage

English

Publisher

ieee

Conference_Titel

Platform Technology and Service (PlatCon), 2015 International Conference on

Conference_Location

Jeju

Print_ISBN

978-1-4799-1887-4

Type

conf

DOI

10.1109/PlatCon.2015.31

Filename

7079618