Platform: Using Delphi Rad Studio 2007 on Windows XP SP3 and Vista
Reference: http://csrc.nist.gov/groups/STM/cmvp/do ... al-all.htm
Requirement: FIPS 140.2 compliant encryption
========
My application obtains/creates sensitive data in PLAIN TEXT that it MUST save to file using *** FIPS 140.2 compliant encryption ***.
The URL above lists FIPS VALIDATED modules. Windows CryptoAPI is a validated module.
Questions:
1. Key Question: Does SecureBridge use Windows CryptoAPI for SHA-1, AES and Triple DES encryption? If no, does it use FIPS 140,2 validated code?
2. If yes, can it encrypt/decrypt plain text of any size (most of my needs are trivial - in range of 100 KB to 200 KB of plain text; occasionally larger)?
3. [NOT so important but good to have] Encrypted data in #2 will be saved to file and decrypted when read back from file. Does SecureBridge provide any functionality to save/load while performing encryption/decryption on the way?
Thank you
SHA-1, AES and 3DES: is SecureBridge FIPS 140.2 compliant ?
Dimon: Thank you for your prompt reply.
Is anyone interested in writing or sharing Delphi code for a small fee using Windows CryptoAPI ? As noted in my original message, I need encryption/decryption implementation using CryptoAPI for Triple DES and/or AES 128 algorithms - preferably both.
If interested please write to me privately: mavi [dot] SupraVISTA [at] gmail.com
(I have figured out how to do this for MD5 and SHA-1 hashing using CryptoAPI, so don't need that. I am using JEDI WCrypt2.)
Note for Dimon: I am sure you are well aware of BUSINESS significance of FIPS compliance (both for SecureBridge and your ]potential] customers) since government is the largest purchaser of health-care IT and of all IT products in general. So, I hope you will consider this in your spare time
Is anyone interested in writing or sharing Delphi code for a small fee using Windows CryptoAPI ? As noted in my original message, I need encryption/decryption implementation using CryptoAPI for Triple DES and/or AES 128 algorithms - preferably both.
If interested please write to me privately: mavi [dot] SupraVISTA [at] gmail.com
(I have figured out how to do this for MD5 and SHA-1 hashing using CryptoAPI, so don't need that. I am using JEDI WCrypt2.)
Note for Dimon: I am sure you are well aware of BUSINESS significance of FIPS compliance (both for SecureBridge and your ]potential] customers) since government is the largest purchaser of health-care IT and of all IT products in general. So, I hope you will consider this in your spare time