ECIES is Elliptic Curve Integrated Encryption Scheme. Both Certicom\'s SecurityB
ID: 653404 • Letter: E
Question
ECIES is Elliptic Curve Integrated Encryption Scheme. Both Certicom's SecurityBuilder and RSA Data Security BSAFE provide ECIES. Both are FIPS 140 validated, and both clearly list ECIES in their data sheets.
ECIES effectively creates a stream cipher and XOR's the keystream with plaintext. That's grossly simplified, but I think it captures the essence of the Data Encapsulation Mechanism (DEM). More to the point: ECIES does not use an approved block cipher (like AES or 3-key TripleDES).
However, NIST only allows block ciphers and streaming modes of operation, like OFB and CTR; and does not offer stream ciphers.
How is ECIES available in validated libraries like SecurityBuilder and BSAFE? Or (from an offline discussion), how can ECIES be FIPS 140 validated?
Explanation / Answer
The trick is that to use those modules in a FIPS-compliant way, you need to only use the validated algorithms. For instance, in the BlackBerry document:
... ECIES ... encryption algorithm are supported as non FIPS Approved algorithms. In order to operate the module in compliance with FIPS, these algorithms should not be used.
This is backed up by the NIST Guidance :
NOTE2: The operator of a cryptographic module is responsible for ensuring that the algorithms and key lengths are in compliance with the requirements of NIST SP 800-131A.
So, although a module can be FIPS 140-2 validated, the onus is on the operator to ensure that how it is used is in compliance with the current standard. With that understanding, the maker of a module can include non-FIPS-validated algorithms for other purposes.
Related Questions
Navigate
Integrity-first tutoring: explanations and feedback only — we do not complete graded work. Learn more.