PAM Conformation To Cryptography Modules

book

Article ID: 128844

calendar_today

Updated On:

Products

CA Privileged Access Manager - Cloakware Password Authority (PA) PAM SAFENET LUNA HSM CA Privileged Access Manager (PAM)

Issue/Introduction

Additional information that maybe useful for your organization's security compliance.
 


Does PAM conforms to the cryptographic requirements listed here?
 
a. Symmetric Encryption: AES with key sizes of 256 bits;
b. Asymmetric Encryption: RSA Public Key Encryption with key sizes of at least 2048 bits or Elliptic Curve Cryptography Standard with key sizes of at least 256 bits;
c. Digital Signature: Digital Signature Algorithm (compliant to FIPS 186-4) or Elliptic Curve Digital Signature Algorithm (ECDSA) (supporting B-283 and P-256 curves);
d. Hash Algorithm: SHA-2 with size of at least 256 bits above; and
e. Key Exchange: Elliptic Curve Diffie-Hellman (ECDH) (supporting B-283 and P-256 curves).

Environment

PAM 3.x

Resolution

Product group provided these answers:

a. Symmetric Encryption: AES with key sizes of 256 bits; Supported
b. Asymmetric Encryption: RSA Public Key Encryption with key sizes of at least 2048 bits or Elliptic Curve Cryptography Standard with key sizes of at least 256 bits; Supported
c. Digital Signature: Digital Signature Algorithm (compliant to FIPS 186-4) or Elliptic Curve Digital Signature Algorithm (ECDSA) (supporting B-283 and P-256 curves); Supported (p256, p384)
d. Hash Algorithm: SHA-2 with size of at least 256 bits above; and Supported
e. Key Exchange: Elliptic Curve Diffie-Hellman (ECDH) (supporting B-283 and P-256 curves). Supported (p256)