two-key tdea加密
disallowed
two-key tdea解密
legacy use
three-key tdea加密
deprecated through 2023
disallowed after 2023
three-key tdea解密
legacy use
skipjack 加密
disallowed
skipjack解密
legacy use
aes-128
加解密
acceptable
aes-192
加解密
acceptable
aes-256
加解密
acceptable
數字簽名生成
< 112 bits of security strength:
dsa: (l, n)
≠ (2048, 224), (2048,256) or (3072, 256)
ecdsa: len(n) < 224
rsa: len(n) < 2048
disallowed
≥ 112 bits of security strength:
dsa: (l, n) = (2048, 224), (2048,256) or (3072, 256)
ecdsa or eddsa: len(n) ≥ 224
rsa: len(n) ≥ 2048
acceptable
數字簽名核驗
< 112 bits of security strength:
dsa: ((512
≤ l < 2048) or (160 ≤ n < 224))
ecdsa: 160 ≤ len(n) < 224
rsa: 1024 ≤ len(n) < 2048
legacy use
≥ 112 bits of security strength:
dsa: (l, n) = (2048, 224), (2048,256) or (3072, 256)
ecdsa and eddsa: len(n) ≥ 224
rsa: len(n) ≥ 2048
acceptable
hash_drbg and hmac_drbg
acceptable
ctr_drbg with three-key tdea
deprecated through 2023
disallowed after 2023
ctr_drbg with aes-128/192/256
acceptable
dual_ec_drbg
disallowed
rngs in fips 186-2,ans x9.31,ans x9.62-1998
disallowed
金鑰生成主流有兩種:dh和mqv(menezes-qu-vanstone),同時也有有限域和橢圓曲線的dh和mqv;
sp 800-56a dh and mqv
schemes using finite fields
< 112 bits of security strength:
(len(p), len(q)) = (1024, 160)
disallowed
≥ 112 bits of security strength:
using listed safe-prime groups
orfips 186-type domain parameters (112-bit security
strength only):
(len(p), len(q)) = (2048, 224) or (2048, 256)
acceptable
non-compliant dh and mqv schemes using finite fields
< 112 bits of security strength:
len(p) < 2048 or len(q) < 224
disallowed
non-conformance to sp 800-56a
disallowed after 2020
sp 800-56a dh and mqv
schemes using elliptic curves
< 112 bits of security strength:
len(n) < 224
disallowed
≥ 112 bits of security strength:
(using specified curves)
acceptable
non-compliant dh and mqv schemes using elliptic curves
< 112 bits of security strength:
len(n) < 224
disallowed
≥ 112 bits of security strength:
non-conformance to sp800-56a or ig a.2
disallowed after 2020
sp 800-56b key agreement and key transport schemes
len(
n) < 2048
disallowed
len(
n) ≥ 2048
acceptable
non-sp 800-56bcompliant key agreement and key transport schemes
len(
n) < 2048
disallowed
pkcs1-v1_5 padding
deprecated through 2023
disallowed after 2023
other non-compliance
with sp 800-56b
deprecated through 2020
disallowed after 2020
kdf type
algorithm
status
hmac-based kdf
hmac using any
hash function
acceptable
cmac-based kdf
cmac using two-key tdea
disallowed
cmac using three-key tdea
deprecated through 2023
disallowed after 2023
cmac using aes
acceptable
sha-1
digital signature generation
disallowed, except where
specifically allowed by nist protocol-specific guidance.
digital signature verification
legacy use
acceptable
sha-2(sha-224
、sha-256、sha-384、sha-512,sha-512/224,sha-512/256)
sha-3
(sha3-224、sha3-256、sha3-384、sha3-512)
tuplehash and
parallelhash
acceptable for the purpose specified in sp 800-185
key lengths < 112 bits
disallowed
key lengths ≥ 112 bits
acceptable
key lengths < 112 bits
legacy use
key lengths ≥ 112 bits
acceptable
two-key tdea
disallowed
three-key tdea
deprecated through 2023
disallowed after 2023
aes
acceptable
two-key tdea
legacy use
three-key tdea
legacy use
aes
acceptable
aes
acceptable
key lengths < 112 bits
disallowed
key lengths ≥ 112 bits
acceptable
智慧型網聯汽車資訊保安測試解決方案
概述 為滿足日益嚴格的國內外法規和標準要求,應對愈發嚴峻的資訊保安風險,智慧型網聯汽車通常整合越來越多的資訊保安檢測和防禦措施。而相關的安全措施整合到部件和整車之後,能否發揮有效的防護效果,需要通過嚴格的資訊保安測試進行驗證和確認。經緯恆潤資訊保安團隊針對智慧型網聯汽車提供一系列的資訊保安測試解決方...
汽車資訊領域群雄並起,路在何方
內容市場的格局近年來也正發生微妙變化,垂直領域內容,越來越成為乙個公認的風口。水漲船高,汽車資訊消費市場發展空間大 自2018年首次出現銷量負增長後,中國汽車市場從 增量時代 正式進入 存量時代 在這個特殊的歷史階段,新冠肺炎疫情突然出現,再一次衝擊了本已身處寒冬的中國汽車產業。連續兩年的下行壓力加...
邁入認知商業時代!看IBM如何為汽車資訊化精準定位
2017年中國汽車cio峰會在對百餘位汽車企業cio展開書面問卷調查後,分析出近兩年為數眾多的汽車廠商在進行企業數位化轉型過程中,都在部署物聯網 雲計算 大資料分析 移動辦公等解決方案,同時指出轉型聚焦化困難,缺少完整數位化藍圖,對如何更好的進行資料分析 物聯網服務 雲端建設 企業it架構建模等方面...