HOMEIT SecurityIT Security Evaluation and CertificationJCMVP (Japan Cryptographic Module Validation Program) Home IPA/ISEC：JCMVP：Approved Security Functions

Last Updated: 27 June 2018

Page created: 2 June 2008

The specifications about the approved security functions (ASF-01; in Japanese)such as encryption functions, hash functions, and signature functions are shown as follows.

- DSA

FIPS PUB 186-4, Digital Signature Standard (DSS), July 2013.

Note: The length of the parameter*p*and*q*shall be 2048 bits or larger and 224 bits or larger, respectively, for signature generation. - ECDSA

ANS X9.62-2005, Public Key Cryptography for the Financial Services Industry :

The Elliptic Curve Digital Signature Algorithm (ECDSA)

Note: The length of the order of the elliptic curve shall be 224 bits or larger and the length of the output of the hash function shall be 224 bits or larger for signature generation. - ECDSA

FIPS PUB 186-4, Digital Signature Standard (DSS), July 2013

Note: The length of the order of the elliptic curve shall be 224 bits or larger and the length of the output of the hash function shall be 224 bits or larger for signature generation. - ECDSA

SEC 1: Elliptic Curve Cryptography (May 21, 2009 Version 2.0)

Note1: The length of the order of the elliptic curve shall be 160 bits or larger.

Note2: The length of the order of the elliptic curve shall be 224 bits or larger and the length of the output of the hash function shall be 224 bits or larger for signature generation. - RSASSA-PKCS1-v1_5

PKCS#1 v2.2: RSA Cryptography Standard, October 27, 2012.

Note1: The length of the modulus shall be 1024 bits or larger.

Note2: The length of the modulus shall be 2048 bits or larger and the length of the output of the hash function shall be 224 bits or larger for signature generation. - RSASSA-PSS

PKCS#1 v2.2: RSA Cryptography Standard, October 27, 2012.

Note1: The length of the modulus shall be 1024 bits or larger.

Note2: The length of the modulus shall be 2048 bits or larger and the length of the output of the hash function shall be 224 bits or larger for signature generation.

- RSA-OAEP

PKCS#1 v2.2: RSA Cryptography Standard, October 27, 2012.

Note1: The length of the modulus shall be 1024 bits or larger.

Note2: The length of the modulus shall be 2048 bits or larger and the length of the output of the hash function shall be 224 bits or larger for encryption.

- 3-key Triple DES

SP 800-67 Revision 2, Recommendation for the Triple Data Encryption Algorithm (TDEA) Block Cipher, November 2017.

Note: Only 3-key Triple-DES is approved.

- AES

FIPS PUB 197, Advanced Encryption Standard (AES), November 26, 2001 - Camellia

Algorithm specifications of 128-bits block cipher Camelia (2nd version: September 26, 2001)

- Electronic Codebook (ECB), Cipher Block Chaining (CBC), Cipher
Feedback (CFB), Output Feedback (OFB), and Counter (CTR)

SP 800-38A, Recommendation for Block Cipher Modes of Operation, December 2001.

- XTS

SP 800-38E, Recommendation for Block Cipher Modes of Operation: The XTS-AES Mode for Confidentiality on Storage Devices, January 2010.

- KCipher-2

Stream Cipher KCipher-2 (March 31, 2017 Version 1.2)

- Secure Hash Standard (SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512, SHA-512/224 and SHA-512/256)

FIPS PUB 180-4, Secure Hash Standard, August, 2015. - SHA-3 Hash Algorithms (SHA3-256, SHA3-384, SHA3-512)

FIPS PUB 202, SHA-3 Standard, August, 2015. - SHA-3 Extendable-Output Functions (SHAKE128, SHAKE256)

FIPS PUB 202, SHA-3 Standard, August, 2015.

- HMAC (HMAC-SHA-1, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512, HMAC-SHA-512/224, and HMAC-SHA-512/256)

The Keyed-Hash Message Authentication Code, FIPS PUB 198-1, July 2008.

Note: Key length for HMAC generation shall be 112 bits or larger. - CMAC

Recommendation for Block Cipher Modes of Operation: The CMAC Mode for Authentication, NIST Special Publication 800-38B, May 2005 (Updated 10/6/2016). - CCM

Recommendation for Block Cipher Modes of Operation: The CCM Mode for Authentication and Confidentiality, NIST Special Publication 800-38C, May 2004. - GCM/GMAC

Recommendation for Block Cipher Modes of Operation: Galois/Counter Mode (GCM) and GMAC, NIST Special Publication 800-38D, November 2007.

- Hash_DRBG, HMAC_DRBG and CTR_DRBG

National Institute of Standards and Technology, Recommendation for Random Number Generation Using Deterministic Random Bit Generators, Special Publication 800-90A Revision 1, June 2015.

There are no approved non-deterministic random number generators in JCMVP.

- DH

National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, Special Publication 800-56A Revision 3, April 2018.

Note 1: The length of the parameter*p*and*q*shall be 2048 bits or larger and 224 bits or larger, respectively.

Note 2: Only FIPS 186-type domain parameters is approved. - MQV

National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, Special Publication 800-56A Revision 3, April 2018.

Note 1: The length of the parameter*p*and*q*shall be 2048 bits or larger and 224 bits or larger, respectively.

Note 2: Only FIPS 186-type domain parameters is approved. - ECDH

National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, Special Publication 800-56A Revision 3, April 2018.

Note: The length of the order of the elliptic curve shall be 224 bits or larger. - ECDH

SEC 1: Elliptic Curve Cryptography (May 21, 2009 Version 2.0)

Note: The length of the order of the elliptic curve shall be 224 bits or larger. - ECMQV

National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Discrete Logarithm Cryptography, Special Publication 800-56A Revision 3, April 2018.

Note: The length of the order of the elliptic curve shall be 224 bits or larger. - Key Establishment Schemes in NIST SP800-56B

National Institute of Standards and Technology, Recommendation for Pair-Wise Key Establishment Schemes Using Integer Factorization Cryptography, Special Publication 800-56B Revision 1, September 2014.

Note: The length of the modulus shall be 2048 bits or larger. - KDF

National Institute of Standards and Technology, Recommendation for Key Derivation through Extraction-then-Expansion, Special Publication 800-56C Revision 1, April 2018. - KDF

National Institute of Standards and Technology, Recommendation for Key Derivation Using Pseudorandom Functions (Revised), Special Publication 800-108, October 2009. - KDF

National Institute of Standards and Technology, Recommendation for Password-Based Key Derivation, Special Publication 800-132, December 2010. - KDF

National Institute of Standards and Technology, Recommendation for Existing Application-Specific Key Derivation Functions, Special Publication 800-135 Revision 1, December 2011.

Note: TPM KDF is excluded.

For further information, contact to:

IT Security Center, Information-technology Promotion Agency, Japan

E-mail:

TEL +81-3-5978-7545 (10:00-12:00, 13:30-17:00 JST, Monday-Friday)

FAX +81-3-5978-7548

27 June 2018 | The list of Approved Security Functions is updated. |
---|---|

24 July 2014 | The list of Approved Security Functions is updated. |

7 Oct. 2013 | Reference URLs are updated. |

24 June 2013 | The list of Approved Security Functions is updated. |

14 Feb. 2013 | The list of Approved Security Functions is updated. |

20 Apr. 2012 | XTS and GCM has been added to the list of Approved Security Functions. |

26 Oct. 2009 | The list of Approved Security Functions is updated. |

26 Feb. 2009 | The list of Approved Security Functions is updated. |

2 June 2008 | Page created. |