Font Size Change

HOMEIT SecurityIT Security Evaluation and CertificationJCMVP (Japan Cryptographic Module Validation Program) Home IPA/ISEC:JCMVP:Approved Security Functions

PRINT PAGE

IT Security

IPA/ISEC:JCMVP:Approved Security Functions

Last Updated: 27 June 2018
Page created: 2 June 2008

Approved Security Functions

The specifications about the approved security functions (ASF-01; in Japanese)[PDF][Update]such as encryption functions, hash functions, and signature functions are shown as follows.

Public Key

Signature

  1. DSA[Update]
    FIPS PUB 186-4, Digital Signature Standard (DSS), July 2013.
    Note: The length of the parameter p and q shall be 2048 bits or larger and 224 bits or larger, respectively, for signature generation.
  2. ECDSA
    ANS X9.62-2005, Public Key Cryptography for the Financial Services Industry :
    The Elliptic Curve Digital Signature Algorithm (ECDSA)
    Note: The length of the order of the elliptic curve shall be 224 bits or larger and the length of the output of the hash function shall be 224 bits or larger for signature generation.
  3. ECDSA[Update]
    FIPS PUB 186-4, Digital Signature Standard (DSS), July 2013
    Note: The length of the order of the elliptic curve shall be 224 bits or larger and the length of the output of the hash function shall be 224 bits or larger for signature generation.
  4. ECDSA
    SEC 1: Elliptic Curve Cryptography (May 21, 2009 Version 2.0)
    Note1: The length of the order of the elliptic curve shall be 160 bits or larger.
    Note2: The length of the order of the elliptic curve shall be 224 bits or larger and the length of the output of the hash function shall be 224 bits or larger for signature generation.
  5. RSASSA-PKCS1-v1_5
    PKCS#1 v2.2: RSA Cryptography Standard, October 27, 2012.
    Note1: The length of the modulus shall be 1024 bits or larger.
    Note2: The length of the modulus shall be 2048 bits or larger and the length of the output of the hash function shall be 224 bits or larger for signature generation.
  6. RSASSA-PSS
    PKCS#1 v2.2: RSA Cryptography Standard, October 27, 2012.
    Note1: The length of the modulus shall be 1024 bits or larger.
    Note2: The length of the modulus shall be 2048 bits or larger and the length of the output of the hash function shall be 224 bits or larger for signature generation.

Confidentiality

  1. RSA-OAEP
    PKCS#1 v2.2: RSA Cryptography Standard, October 27, 2012.
    Note1: The length of the modulus shall be 1024 bits or larger.
    Note2: The length of the modulus shall be 2048 bits or larger and the length of the output of the hash function shall be 224 bits or larger for encryption.

Symmetric Key

64-bit block cipher

  1. 3-key Triple DES[Update]
    SP 800-67 Revision 2, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, November 2017.
    Note: Only 3-key Triple-DES is approved.

128-bit block cipher

  1. AES
    FIPS PUB 197, Advanced Encryption Standard (AES), November 26, 2001
  2. Camellia
    Algorithm specifications of 128-bits block cipher Camelia (2nd version: September 26, 2001)

n-bit block cipher modes of operations

  1. Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher Feedback (CFB), Output Feedback (OFB), and Counter (CTR)
    SP 800-38A, Recommendation for Block Cipher Modes of Operation, December 2001.

128-bit block cipher modes of operations

  1. XTS
    SP 800-38E, Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices, January 2010.

Stream cipher

  1. KCipher-2[Update]
    Stream Cipher KCipher-2 (March 31, 2017 Version 1.2)

Hash

  1. Secure Hash Standard (SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512, SHA-512/224 and SHA-512/256)
    FIPS PUB 180-4, Secure Hash Standard, August, 2015.
  2. SHA-3 Hash Algorithms (SHA3-256, SHA3-384, SHA3-512)[New]
    FIPS PUB 202, SHA-3 Standard, August, 2015.
  3. SHA-3 Extendable-Output Functions (SHAKE128, SHAKE256)[New]
    FIPS PUB 202, SHA-3 Standard, August, 2015.

Message Authentication

  1. HMAC (HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, HMAC-SHA-512/224, and HMAC-SHA-512/256)
    The Keyed-Hash Message Authentication Code, FIPS PUB 198-1, July 2008.
    Note: Key length for HMAC generation shall be 112 bits or larger.
  2. CMAC
    Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication, NIST Special Publication 800-38B, May 2005 (Updated 10/6/2016).
  3. CCM
    Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality, NIST Special Publication 800-38C, May 2004.
  4. GCM/GMAC
    Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC, NIST Special Publication 800-38D, November 2007.

Random Number Generators

Deterministic random number generators

  1. Hash_DRBG, HMAC_DRBG and CTR_DRBG[Update]
    National Institute of Standards and Technology, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, Special Publication 800-90A Revision 1, June 2015.

Non-deterministic Random number generators

There are no approved non-deterministic random number generators in JCMVP.

Key Establishment Schemes

Key agreement

  1. DH[Update]
    National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, Special Publication 800-56A Revision 3, April 2018.
    Note 1: The length of the parameter p and q shall be 2048 bits or larger and 224 bits or larger, respectively.
    Note 2: Only FIPS 186-type domain parameters is approved.
  2. MQV[Update]
    National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, Special Publication 800-56A Revision 3, April 2018.
    Note 1: The length of the parameter p and q shall be 2048 bits or larger and 224 bits or larger, respectively.
    Note 2: Only FIPS 186-type domain parameters is approved.
  3. ECDH[Update]
    National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, Special Publication 800-56A Revision 3, April 2018.
    Note: The length of the order of the elliptic curve shall be 224 bits or larger.
  4. ECDH
    SEC 1: Elliptic Curve Cryptography (May 21, 2009 Version 2.0)
    Note: The length of the order of the elliptic curve shall be 224 bits or larger.
  5. ECMQV[Update]
    National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, Special Publication 800-56A Revision 3, April 2018.
    Note: The length of the order of the elliptic curve shall be 224 bits or larger.
  6. Key Establishment Schemes in NIST SP800-56B[Update]
    National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography, Special Publication 800-56B Revision 1, September 2014.
    Note: The length of the modulus shall be 2048 bits or larger.
  7. KDF[Update]
    National Institute of Standards and Technology, Recommendation for Key Derivation through Extraction-then-Expansion, Special Publication 800-56C Revision 1, April 2018.
  8. KDF
    National Institute of Standards and Technology, Recommendation for Key Derivation Using Pseudorandom Functions (Revised), Special Publication 800-108, October 2009.
  9. KDF
    National Institute of Standards and Technology, Recommendation for Password-Based Key Derivation, Special Publication 800-132, December 2010.
  10. KDF
    National Institute of Standards and Technology, Recommendation for Existing Application-Specific Key Derivation Functions, Special Publication 800-135 Revision 1, December 2011.
    Note: TPM KDF is excluded.

Contact

For further information, contact to:
IT Security Center, Information-technology Promotion Agency, Japan
E-mail:E-mail address for JCMVP
TEL +81-3-5978-7545 (10:00-12:00, 13:30-17:00 JST, Monday-Friday)
FAX +81-3-5978-7548

Revision Record

27 June 2018 The list of Approved Security Functions is updated.
24 July 2014 The list of Approved Security Functions is updated.
7 Oct. 2013 Reference URLs are updated.
24 June 2013 The list of Approved Security Functions is updated.
14 Feb. 2013 The list of Approved Security Functions is updated.
20 Apr. 2012 XTS and GCM has been added to the list of Approved Security Functions.
26 Oct. 2009 The list of Approved Security Functions is updated.
26 Feb. 2009 The list of Approved Security Functions is updated.
2 June 2008 Page created.