Cryptographic Standards
Some features and cryptographic standards are only available in certain products or editions. Please view individual product features for details.
Innersafe security products use unmodified source code from a FIPS 140-2 validated module for:
Additional standards include:
Innersafe chose to include code from a FIPS validated module rather than loading the entire DLL in order to improve security against generic attacks (e.g., a novice hacker writing a script to replace all known FIPS modules with his module). This means Innersafe binaries are not FIPS validated and do not have "FIPS Inside" status.
Innersafe does not intentionally weaken standards to gain easier export approval (e.g., using AES with reduced rounds, using weak confidentiality modes like ECB, or reusing the same initialization vector).
AES (Advanced Encryption Standard) is the default block cipher used in Innersafe products. Unmodified source from a FIPS 140-2 validated module is used by Innersafe for AES.
AES is the result of a recent multi-year effort in which the U.S. Government, private industry, and academia from around the world cooperated to develop an encryption technique to replace aging standards.
Twofish is available as an option in professional editions. Twofish is a block cipher by Counterpane Labs that was one of the five Advanced Encryption Standard finalists. Twofish was created and analyzed by Bruce Schneier, John Kelsey, Doug Whiting, David Wagner, Chris Hall, and Niels Ferguson.
Standard editions use 128-bit symmetric keys. In June 2003, the NSA approved AES-128 for protecting classified information up to SECRET level (when used in NSA-certified products implementing AES-128).
Professional editions allow 256-bit symmetric keys as an option. In June 2003, the NSA approved AES-256 for protecting classified information up to TOP SECRET level (when used in NSA-certified products implementing AES-256).
WARNING: Products offering symmetric keys larger than 256 bits may be a sign of snake-oil. Please ask a qualified security expert before purchasing such products.
PBKDF2 is the default key derivation function used by Innersafe. PBKDF2 is defined in RFC 2898 and PKCS #5: Password-Based Cryptography Specification Version 2.0.
Innersafe products exceed the minimum recommended iteration count of 1,000 to derive keys used for encrypting content. Further, Innersafe products do not store the derived key in any file so that password recovery is not possible by analyzing the file.
Some editions may use a secret other than a password. For example, professional editions allow the use of any file from 1 KB to 1 GB (gigabyte) as a "passfile". Passfiles can help consumers get accustomed to multi-factor authentication without the complexity of PKI or the cost of smart cards.
The default Pseudorandom Number Generator (PRNG) used by Innersafe is based on ANSI X9.31 Appendix A.2.4.
ANSI X9.31 Appendix A.2.4 specifies a technique for generating pseudorandom numbers using Triple-DES. This is the same technique (using DES) that was specified in Appendix C of ANSI X9.17.
Innersafe Professional Edition can optionally replace Triple-DES with either AES or Twofish as the block cipher for generating pseudorandom numbers.
ANSI X9.31-1998 Appendix A.2.4 is one of four FIPS Approved deterministic random number generators listed in FIPS 140-2 Annex C.
NOTE: Attacks against the SHA-1 standard were published by researchers in 2005, before Innersafe products were sold to the public. Thus, Innersafe products use HMAC-SHA-1 or HMAC-SHA-256 (a keyed hash) rather than a plain secure hash when practical.
Standard editions sparingly use SHA-1 as the default secure hash function, and professional editions use SHA-256 as the default secure hash function.
A secure hash function is utilized for computing a condensed one-way representation of a message or a data file.
SHA-1 is specified in FIPS 180-1, FIPS 180-2 and in the ANSI X9.30 standard. SHA-1 is a revision to Secure Hash Algorithm (SHA) originally specified in the Secure Hash Standard (SHS, FIPS 180) in 1993.
FIPS 180-2 is listed in FIPS 140-2 Annex A: Approved Security Functions.
The HMAC specification in FIPS 198 is a generalization of Internet RFC 2104, HMAC, Keyed-Hashing for Message Authentication, and ANSI X9.71, Keyed Hash Message Authentication Code.
Standard editions use HMAC-SHA-1 as the default HMAC. Professional editions use HMAC-SHA-256 as the default HMAC but allow the user to choose HMAC-SHA-1.
FIPS 198 is listed in FIPS 140-2 Annex A: Approved Security Functions.
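The PBKDF2 and HMAC passages above describe deriving keys from a password without storing the derived key. The following is an added example, not Innersafe's code, showing how a file record can hold only a salt, an iteration count and an HMAC-SHA-256 tag, so that a wrong password or a modified file is detected by re-deriving the key. The record layout, the iteration count, the salt length and the `enc`/`mac` key-splitting labels are all assumptions.

```python
import hashlib
import hmac
import os

ITERATIONS = 200_000  # assumption: constructed value, not Innersafe's setting
SALT_LEN = 16         # assumption: 128-bit random salt


def derive_keys(password: bytes, salt: bytes, iterations: int = ITERATIONS):
    """PBKDF2-HMAC-SHA-256 master key, split into independent enc/MAC keys."""
    master = hashlib.pbkdf2_hmac("sha256", password, salt, iterations, dklen=32)
    enc_key = hmac.new(master, b"enc", hashlib.sha256).digest()
    mac_key = hmac.new(master, b"mac", hashlib.sha256).digest()
    return enc_key, mac_key


def seal(password: bytes, ciphertext: bytes, iterations: int = ITERATIONS) -> dict:
    """Build a record holding salt, count, body and tag, but no key material."""
    salt = os.urandom(SALT_LEN)
    _, mac_key = derive_keys(password, salt, iterations)
    header = salt + iterations.to_bytes(4, "big")
    tag = hmac.new(mac_key, header + ciphertext, hashlib.sha256).digest()
    return {"salt": salt, "iterations": iterations, "body": ciphertext, "tag": tag}


def verify(password: bytes, record: dict) -> bool:
    """Re-derive the keys from the password and check the tag in constant time."""
    _, mac_key = derive_keys(password, record["salt"], record["iterations"])
    header = record["salt"] + record["iterations"].to_bytes(4, "big")
    expected = hmac.new(mac_key, header + record["body"], hashlib.sha256).digest()
    return hmac.compare_digest(expected, record["tag"])


if __name__ == "__main__":
    # Constructed sample: the body stands in for ciphertext produced elsewhere.
    rec = seal(b"correct horse", b"\x00" * 32)
    print(verify(b"correct horse", rec), verify(b"wrong guess", rec))
```

Because the tag lets any password guess be checked offline against the record, the iteration count and the strength of the password determine what each guess costs.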
