Created 01 Jul 2011
Modified 01 Jul 2011

FIPS mode in SmartFTP is controlled by the system security setting either in the Local Security Policy or as part of Group Policy [1]. The following describes the effects in SmartFTP when FIPS mode is enabled:

SSH

The following algorithms are used for SSH: 

Key Exchange: DH, ECDH
Encryption: 3DES (CBC), AES (CBC, CTR)
Signature: ECDSA, RSA, DSA
HMAC: HMAC-SHA1

Depending on the operating system, SmartFTP uses different security packages:

Windows XP/2003: CryptoAPI (CAP) and OpenSSL.
Windows Vista and higher: CryptoAPI, BCrypt, NCrypt, OpenSSL.

FTPS

FTPS (FTP over SSL/TLS) builds on the Schannel security package. The effects for Schannel are described in [1].

FTP

S/Key: SHA1

File Integrity Check: SHA1, SHA2

File Encryption

AES in CTR mode with a 256-bit key length. 

References

1. http://support.microsoft.com/kb/811833/en-us