Protocol-Related Rules Enforcement in FIPS Validations (C22a)
Recently, NIST started to enforce that the auxiliary requirements of various algorithm specifications must be present in and enforced by a FIPS module. Such requirements cover aspects such as how the keys used for an algorithm are generated, how keys comply with certain properties, or that the algorithm invocation must comply with certain well-defined rules. These requirements relate to protocol aspects of how a cryptographic algorithm is to be used.
On the other hand, FIPS modules, specifically hardware modules, provide raw cryptographic algorithms. These implementations ensure that the algorithm works correctly and that all FIPS 140 rules around those algorithms are met. Yet such algorithms commonly have no control over the environment in which they are used. Moreover, a large number of such algorithms do not have a state beyond what is needed to fulfill one particular algorithm request. Fulfilling these protocol-related requirements is a challenge at best.
The topic will be analyzed for various algorithm definitions, giving NIST a clear indication of the implications of enforcing protocol-related requirements. Further, vendors are made aware of the situation and given hints and guidance on how to approach and handle these requirements.