FIPS certified cryptography for embedded systems
Posted on 28 February 2013.
At RSA Conference 2013 in San Francisco, Allegro announced the addition of the FIPS 140-2 compliant Allegro Cryptography Engine (ACE) to the RomPager suite of embedded internet toolkits.

Specifically engineered for the rigors of embedded computing, ACE makes embedding standards-based security protocols into resource sensitive embedded systems such as military, energy and healthcare embedded applications fast, easy and reliable while decreasing time to market.

Billions of embedded systems are quietly working behind the scenes of almost all modern technologies, from automobiles and factory floors, healthcare networks and new medical devices, defense and energy markets to space exploration missions. Increasingly, these critical embedded systems are built from commercial products, and often incorporate standards-based network connectivity.

Early networked desktop PCs and servers were unprepared to address the new security implications of network connectivity. The same is true for many of today’s embedded systems which presents a significant new security concern that must be addressed immediately and systematically.

Within the government, the National Institute of Standards and Technology (NIST) and National Security Agency (NSA) have taken steps to ensure security and compatibility between communicating computers by defining Federal Information Processing Standards (FIPS). Working together they have specifically identified a set of guidelines (FIPS 140-2) for cryptographic-based security systems to protect sensitive information in computer and telecommunication systems, whether desktop or embedded, and asserted the requirement that vendors must comply to these standards to sell and support the government or its contractors.

In addition to the government systems market, the FIPS 140-2 standards have been adopted by the financial (Check21, etc.), energy (Smart Grid) and healthcare (HIPAA, HITECH, etc.) industries to safe-guard their data.

ACE is a cryptographic library module specifically engineered to meet the needs of embedded computing systems in addition to fulfilling the requirements needed for FIPS 140-2 validation.

The module provides embedded systems developers with a common software interface to enable bulk encryption and decryption, message digests, digital signature creation and validation, and key generation and exchange.

In 2005, the NSA defined a set of cryptographic algorithms that when used together, are the preferred method for assuring the security and integrity of information passed over public networks such as the Internet. Today, Suite B is globally recognized as an advanced standard for cryptography that defines algorithms and strengths for encryption, hashing, calculating digital signatures and key exchange.

ACE includes a platform independent, government-certified implementation of the NSA Suite B defined suite of cryptographic algorithms.





Spotlight

Operation Pawn Storm: Varied targets and attack vectors, next-level spear-phishing tactics

Posted on 23 October 2014.  |  Targets of the spear phishing emails included staff at the Ministry of Defense in France, in the Vatican Embassy in Iraq, military officials from a number of countries, and more.


Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.
  



Daily digest

Receive a daily digest of the latest security news.
  

DON'T
MISS

Fri, Oct 24th
    COPYRIGHT 1998-2014 BY HELP NET SECURITY.   // READ OUR PRIVACY POLICY // ABOUT US // ADVERTISE //