information security corporation +1-847-405-0500 · 2019-06-07 · overview isc cdks make...
TRANSCRIPT
Development Kit Benefits
• Reduced development costs
• Supported by experts who will actually talk with you
• Licensed to fit your needs
• Easy to buy by speaking with a sales representative or reseller
• Uses NIST CMVP-validated FIPS 140-2 cryptography and today’s proven standards, including ANSI X.509 and IETF PKIX, TLS, and S/MIME
• Made in the U.S.A.
Overview
ISC CDKs make standards-based cryptographic building blocks available to developers and integrators. Use them to construct secure corporate applications for internal use or OEM products for resale.ISC’s different CDKs provide:• low level cryptographic primitives• X.509 certificate and CRL processing, OCSP client, TLS client,
S/MIME messaging, and PKCS#7 and PKCS#12 handling• high level functionality such as “encrypt a file”,
“encrypt a buffer”, or “enroll a user”
infoseccorp
@infoseccorp
/infsec.us
Information SecurityCORPORATION
ISC CDKs are flexible, cost effective libraries of linkable cryptographic modules that allow you to add encryption, digital signatures, and message authentication to any application.
Standards Compliance
ISC’s core cryptographic library, CDK 8, on which all other ISC development kits rely, was awarded NIST FIPS 140-2 Level 1 Certificate No. 3105. It is also compliant with the NSA Commercial National Security Algorithm Suite (CNSA Suite) and meets or exceeds all DoD/CNSS NSTISSP #11 acquisition requirements. Its FIPS 140-2 Certification was performed by a NIST-accredited laboratory that did source code level validation of all supported FIPS approved algorithms and security interfaces. Review and oversight was provided jointly by NIST and CSE.
©2019 Information Security Corporation. All rights reserved. CertAgent, CSPid, SecretAgent, and SpyProof! are registered trademarks of Information Security Corporation and may not be used without permission. All other trademarks, service marks, and product or service names are trademarks or registered trademarks of their respective owners. Specifications quoted herein are subject to change without notice.
Information SecurityCORPORATION
Use Cases for CDKs
Implementing Custom Encryption or Key Management SchemesCDKc is ISC’s core, FIPS-validated, cryptographic library and allows you to easily incorporate encryption, key agreement, digital signature, and authentication into custom applications
Working with Certificates, Credentials, and other ASN.1-Encoded DataCDKp has all the functionality needed to create your own PKI solution
Securing CommuncationsCDKp also includes a TLS suite to quickly enable secure communications for EFT, EDI, and real-time communications
Protecting Files or DataThe SecretAgent/API (SA/API) allows you to easily add file encryption and authenticity to any application including audio/video players, data transfer applications, etc.
Building a Custom PKI StorefrontCKG is the perfect toolkit for creating custom storefronts or enrollment workflows leveraging CCMS, CertAgent, and more
EXPORT INFORMATIONISC CDKs may be freely exported to all but a handful of embargoed countries and denied parties under License Exception ENC:
ECCN 5D002; CCATS: G026249
TECHNICAL SPECIFICATIONS
Symmetric Ciphers
AES (128/192/256-bit)TDES/DES/DESX
Modes of Operation
ECB, CBC, CBC_CS3, CFC-1, CFB-8, CFB-64, CFB-128, OFB, CTR, GCM
Key Exchange
RSA (up to 16384-bit keys)DH (up to 3072-bit keys)ECDH (233/283/409/571-bit NIST curves in char. 2, 256/384/521-bit NIST curves in char. p) AES Key Wrap
Digital Signature
RSA (up to 16384-bit keys)DSA (up to 3072-bit keys)ECDSA (NIST curves up to 571-bits in char. 2, 521-bits in char. p)
Message Digests
SHA-1SHA-2 (224, 256, 384, 512, 512/224, 512/256)SHA-3 (224, 256, 384, 512, SHAKE-128, SHAKE-256)
HMAC SHA-1, SHA-2, SHA-3
DBRG NIST SP800-90A HMAC DRBG SHA2-256 (256-bit)
SUPPORTED PLATFORMS• Windows 7, 8, 8.1, 10, or above (x64)• Apple OS X 10.10 or higher (x64) • CentOS 6.7 (Linux Kernel 2.6.32-573)
or above (x64)
The high performance C++ code (with or without assembly language optimizations) can be readily ported to additional platforms upon request while maintaining FIPS 140-2 compliance.