pras007

Reputation: 115

Are FIPS certified algorithms in .NET Framework backward compatible?

Our software is based on .NET Framework 4.5. We are making our application FIPS compliant, so we are replacing the older classes with FIPS compliant classes.

MD5CryptoServiceProvider -> SHA1CryptoServiceProvider
RijndaelManaged -> AesCryptoServiceProvider

But we have certain data in our database which are encrypted with an older algorithm. How do I retrieve them, as we are now using newer algorithms? Are the newer algorithms backward compatible?

Thanks

Upvotes: 1

Views: 554

Answers (1)

jww

Reputation: 102245

> we have certain data in our database which are encrypted with an older algorithm. How do I retrieve them, as we are now using newer algorithms

Upsize the data. Rather than storing just MD5(data), add an extra column to the table called upsized. If upsized = false, then calculate SHA256(MD5(data)) and store it. Finally, set upsized = true.

There are some small/trivial technical defects in the construction, but it gets you past the C&A requirements of FIPS 140-2 and the SP800-53 audit.

Upvotes: 2
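The upsizing step from the answer above, sketched in C# as an added example (not code from the answer or the asker's application). The `Row` class, its `Digest` and `Upsized` members, and the sample inputs are assumptions standing in for the real table.

```csharp
using System;
using System.Collections.Generic;
using System.Linq;
using System.Security.Cryptography;
using System.Text;

// Hypothetical row: Digest holds MD5(data) until Upsized is set, then SHA256(MD5(data)).
class Row { public int Id; public byte[] Digest; public bool Upsized; }

static class UpsizeDemo
{
    // One-time migration of a row: wrap the stored MD5 digest in SHA-256.
    // The MD5 value is already in the row, so the migration itself never calls MD5.
    static void Upsize(Row row, HashAlgorithm sha256)
    {
        if (row.Upsized) return;                       // idempotent: never wrap twice
        if (row.Digest.Length != 16)                   // MD5 output is always 16 bytes
            throw new InvalidOperationException("Row " + row.Id + " does not hold an MD5 digest");
        row.Digest = sha256.ComputeHash(row.Digest);   // SHA256(MD5(data)), 32 bytes
        row.Upsized = true;
    }

    static void Main()
    {
        // Constructed sample rows. MD5 is used here only to fabricate legacy values
        // and to recompute the inner hash for the check below, so run this demo on
        // a machine where the FIPS policy is not enforced.
        var inputs = new[] { "alice@example.com", "bob@example.com" };
        List<Row> table;
        using (var md5 = MD5.Create())
            table = inputs.Select((s, i) => new Row { Id = i,
                Digest = md5.ComputeHash(Encoding.UTF8.GetBytes(s)) }).ToList();

        using (var sha256 = new SHA256CryptoServiceProvider())
        using (var md5 = MD5.Create())
        {
            foreach (var row in table) Upsize(row, sha256);
            foreach (var row in table) Upsize(row, sha256);   // second pass is a no-op

            // Check: each stored value now equals SHA256(MD5(data)).
            for (int i = 0; i < inputs.Length; i++)
            {
                var expected = sha256.ComputeHash(md5.ComputeHash(Encoding.UTF8.GetBytes(inputs[i])));
                Console.WriteLine("row {0}: upsized={1}, bytes={2}, match={3}", i,
                    table[i].Upsized, table[i].Digest.Length, expected.SequenceEqual(table[i].Digest));
            }
        }
    }
}
```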
