Reputation: 1073
As the title asks, why does SHA512Managed encryption cause an InvalidOperationException when the FipsAlgorithmPolicy is active on a machine?
Is it not secure enough for the FIPS standard, or is it too secure?
Upvotes: 5
Views: 2519
Reputation: 3524
FIPS 140-x deals with crypto modules in general; it is more about how much work went into verifying how well the crypto was implemented.
Now, FIPS 180-4 is all about the Secure Hashing Standard; that's where you would find details about SHA512 and all of its variants. Maybe SHA512Managed doesn't do something that FIPS 180 agrees with, or maybe that mode of operation just wasn't evaluated.
Upvotes: 3
Reputation: 46060
FIPS is not a single standard but a wide set of standards.
"FIPS-compliant" is a redundant term - any implementation of the algorithm defined by FIPS is compliant, otherwise it would not interoperate with other implementations.
Now, there exists FIPS 140-2 - a set of rules (mostly administrative and IT-related, rather than pure programming-related) that define what can be treated as a "secure" environment.
Now we come closer ... The algorithm can be "FIPS-certified", that is, approved by a certified authority as one that meets the requirements of various standards, including FIPS 140-2.
When you enable FIPS mode, you actually require that only FIPS-certified modules of Windows are used. And Windows does not have all crypto modules certified - certification is both expensive and time-consuming, so only a certain set of native (non-managed) modules is certified, and only specific versions of those modules are certified.
So to put it simply - the SHA512Managed class was not certified, so it doesn't meet the policy requirements.
Upvotes: 5
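The behaviour discussed in this thread, as an added example that is not code from the question or either answer: it probes which SHA-512 classes construct under the current policy and picks one that is permitted. It assumes .NET Framework on Windows; `SHA512Cng` and `SHA512CryptoServiceProvider` are not named on the page, they are the framework's wrappers over the native Windows implementations.

```csharp
using System;
using System.Security.Cryptography;
using System.Text;

static class FipsHashDemo
{
    // Candidate SHA-512 implementations shipped with .NET Framework.
    static readonly Func<SHA512>[] Candidates =
    {
        () => new SHA512Managed(),               // pure managed code
        () => new SHA512Cng(),                   // wrapper over Windows CNG (native)
        () => new SHA512CryptoServiceProvider()  // wrapper over Windows CAPI (native)
    };

    // Returns the first implementation the current policy allows.
    static SHA512 CreatePermittedSha512()
    {
        foreach (var factory in Candidates)
        {
            try { return factory(); }
            catch (InvalidOperationException) { /* blocked by FIPS policy; try next */ }
        }
        throw new CryptographicException("No SHA-512 implementation is permitted by policy.");
    }

    static void Main()
    {
        // True when the FIPS-only policy is being enforced for this process.
        Console.WriteLine("FIPS-only policy active: " + CryptoConfig.AllowOnlyFipsAlgorithms);

        // Audit pass: report which implementations can be instantiated.
        foreach (var factory in Candidates)
        {
            try
            {
                using (var h = factory())
                    Console.WriteLine(h.GetType().Name + ": allowed");
            }
            catch (InvalidOperationException ex)
            {
                Console.WriteLine("blocked: " + ex.Message);
            }
        }

        byte[] data = Encoding.UTF8.GetBytes("constructed sample input");
        using (var sha = CreatePermittedSha512())
            Console.WriteLine(sha.GetType().Name + " -> " +
                BitConverter.ToString(sha.ComputeHash(data)).Replace("-", ""));
    }
}
```

All three classes compute the same digest for the same input; only the validation status of the underlying module differs, which is what the policy checks.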