The Advanced Encryption Standard (AES), also known by its original name Rijndael, is a specification for the encryption of electronic data established by the U.S. National Institute of Standards and Technology (NIST) in 2001.
The U.S. National Security Agency (NSA) used to rank cryptographic products or algorithms by a certification called product types. Product types were defined in the National Information Assurance Glossary which used to define Type 1, 2, 3, and 4 products. The definitions of numeric type products have been removed from the government lexicon and are no longer used in government procurement efforts.
The Common Criteria for Information Technology Security Evaluation is an international standard for computer security certification. It is currently in version 3.1 revision 5.
The Federal Information Processing Standard Publication 140-2,, is a U.S. government computer security standard used to approve cryptographic modules. The title is Security Requirements for Cryptographic Modules. Initial publication was on May 25, 2001, and was last updated December 3, 2002.
The Secure Hash Algorithms are a family of cryptographic hash functions published by the National Institute of Standards and Technology (NIST) as a U.S. Federal Information Processing Standard (FIPS), including:
The 140 series of Federal Information Processing Standards (FIPS) are U.S. government computer security standards that specify requirements for cryptographic modules.
NSA Suite B Cryptography was a set of cryptographic algorithms promulgated by the National Security Agency as part of its Cryptographic Modernization Program. It was to serve as an interoperable cryptographic base for both unclassified information and most classified information.
SHA-2 is a set of cryptographic hash functions designed by the United States National Security Agency (NSA) and first published in 2001. They are built using the Merkle–Damgård construction, from a one-way compression function itself built using the Davies–Meyer structure from a specialized block cipher.
A hardware security module (HSM) is a physical computing device that safeguards and manages secrets, performs encryption and decryption functions for digital signatures, strong authentication and other cryptographic functions. These modules traditionally come in the form of a plug-in card or an external device that attaches directly to a computer or network server. A hardware security module contains one or more secure cryptoprocessor chips.
Network Security Services (NSS) is a collection of cryptographic computer libraries designed to support cross-platform development of security-enabled client and server applications with optional support for hardware TLS/SSL acceleration on the server side and hardware smart cards on the client side. NSS provides a complete open-source implementation of cryptographic libraries supporting Transport Layer Security (TLS) / Secure Sockets Layer (SSL) and S/MIME. NSS releases prior to version 3.14 are tri-licensed under the Mozilla Public License 1.1, the GNU General Public License, and the GNU Lesser General Public License. Since release 3.14, NSS releases are licensed under GPL-compatible Mozilla Public License 2.0.
A cryptographic module is a component of a computer system that securely implements cryptographic algorithms, typically with some element of tamper resistance.
The Common Criteria model provides for the separation of the roles of evaluator and certifier. Product certificates are awarded by national schemes on the basis of evaluations carried by independent testing laboratories.
Cryptographic Module Testing Laboratory (CMTL) is an information technology (IT) computer security testing laboratory that is accredited to conduct cryptographic module evaluations for conformance to the FIPS 140-2 U.S. Government standard.
The Avaya Secure Router 4134, in telecommunications and computer networking technologies, is a device manufactured by Avaya that combines the functions of WAN Routing, stateful firewall security, Ethernet switching, IP telephony, and Microsoft mediation into one device. In addition to sharing many features with other routers such as VRRP, MPLS, and hot-switchable modules, the SR-4134 also guards against individual circuit failures, has the ability to recover from device failures in less than a second, and instantly restores bandwidth once a connection has been repaired. The system is very energy-efficient and can save the owner as much as 40% on energy total cost of ownership, according to testing by the Tolly Group. In July 2011, it was integrated with the Silver Peak WAN optimization appliance to optimize the performance of enterprise voice, video, and unified communications (UC), to ensure that remote users have fast and reliable access to all centralized applications.
The Federal Information Processing Standard Publication 140-3 is a U.S. government computer security standard used to approve cryptographic modules. The title is Security Requirements for Cryptographic Modules. Initial publication was on March 22, 2019 and it supersedes FIPS 140-2.
Crypto++ is a free and open-source C++ class library of cryptographic algorithms and schemes written by Wei Dai. Crypto++ has been widely used in academia, student projects, open-source, and non-commercial projects, as well as businesses. Released in 1995, the library fully supports 32-bit and 64-bit architectures for many major operating systems and platforms, including Android, Apple, BSD, Cygwin, IBM AIX, Linux, MinGW, Solaris, Windows, Windows Phone and Windows RT. The project also supports compilation using C++03, C++11, C++14, and C++17 runtime libraries; and a variety of compilers and IDEs, including Borland Turbo C++, Borland C++ Builder, Clang, CodeWarrior Pro, GCC, Intel C++ Compiler (ICC), Microsoft Visual C/C++, and Sun Studio.
Utimaco Atalla, founded as Atalla Technovation and formerly known as Atalla Corporation or HP Atalla, is a security vendor, active in the market segments of data security and cryptography. Atalla provides government-grade end-to-end products in network security, and hardware security modules (HSMs) used in automated teller machines (ATMs) and Internet security. The company was founded by Egyptian engineer Mohamed M. Atalla in 1972. Atalla HSMs are the payment card industry's de facto standard, protecting 250 million card transactions daily as of 2013, and securing the majority of the world's ATM transactions as of 2014.
The tables below compare cryptography libraries that deal with cryptography algorithms and have API function calls to each of the supported features.
The IBM 4767 PCIe Cryptographic Coprocessor is a hardware security module (HSM) that includes a secure cryptoprocessor implemented on a high-security, tamper resistant, programmable PCIe board. Specialized cryptographic electronics, microprocessor, memory, and random number generator housed within a tamper-responding environment provide a highly secure subsystem in which data processing and cryptography can be performed. Sensitive key material is never exposed outside the physical secure boundary in a clear format.
ISO/IEC 19790 is an ISO/IEC standard for security requirements for cryptographic modules. It addresses a wide range of issues regarding their implementation, including specifications, interface definitions, authentication, operational and physical security, configuration management, testing, and life-cycle management. The first version of ISO/IEC 19790 was derived from the U.S. government computer security standard FIPS 140-2, Security Requirements for Cryptographic Modules.
