Knowledge Base

  1. Home
  2. Features
  3. FIPS 140-2
Created
Modified

Article 2628

FIPS 140-2

FIPS 140-2
The Federal Information Processing Standard (FIPS) Publication 140-2 specifies the security requirements of cryptographic modules used to protect sensitive information.

SmartFTP uses FIPS 140-2 validated cryptographic modules:

CryptoAPI / CNG
The CryptoAPI (CAPI) is the cryptographic module shipped with Microsoft Windows. Microsoft has maintained FIPS 140-2 validation for all operating system starting from Windows XP SP3.

Cryptography API: Next Generation (CNG) is the cryptography library that is available starting with Windows Vista / Windows 2008.

Reference: FIPS 140-2 Validation

OpenSSL
OpenSSL is used for the SSH implementation in SmartFTP.
FIPS 140-2 certificate #4282.

Change FIPS 140-2 Mode

SmartFTP enforces the operating system's FIPS policy. To change the FIPS policy of Windows:

  1. Click the Start button
  2. Go to Control Panel
  3. Select Administrative Tools
  4. Select Local Security Policy
  5. Go to Local Policies - Security Options in the tree on the left side
  6. Change System cryptography: Use FIPS compliant algorithms for encryption, hashing, and signing
Reference: Technet - FIPS 140 Evaluation "Instructions on Setting the FIPS Local Policy Flag"

Keywords
fips 140-2 fips nist

Related Articles
icon Effects of FIPS compliance


What do you think about this topic? Send feedback!