OpenSSL-FIPS-Compliance

FIPS Compliance and OpenSSL

Product vendors often rely on OpenSSL to meet FIPS 140 requirements. However, with the new CMVP requirements and regulations, vendors using certain versions of the OpenSSL cryptographic library to meet FIPS 140-2/FIPS 140-3 requirements are ...

Read more

FIPS 140, CSfC, Common Criteria, UC APL

Maximize ROI: Market Your Certification

Taking the time, effort and resources to achieve FIPS or Common Criteria certification or UC APL listing is a big deal. It’s not an insignificant investment, and when it’s finally completed, you want to see a significant return, right? The most obvious solution is just to sell more product. And while this may seem both simple and obvious, we all know…

ESV Header

Entropy for FIPS and Common Criteria: What Is It?

In the world of cryptography, data is only safe as long as the keys used to protect that data are kept secure. While, on one hand, this means that keys must be protected against unauthorized access, it also means that keys must be created in a way that makes them difficult for an attacker to guess. To produce cryptographically strong…

FIPS 140-2, FIPS 140-2 validation, FIPS Validation, FIPS 140-2 process, FIPS Inside, FIPS Compliant

The FIPS Standard: Do I Revalidate?

In our recent blog post, we talked about the cost and timing you can expect if you pursue FIPS 140-2 revalidation for your product or system. We also touched on five change scenarios that necessitate revalidation. These scenarios were created by the Cryptographic Module Validation Program (CMVP), the same body that published the FIPS standard, which covers…

Watch A Webinar by Corsec

Webinar Recap: Revalidation – When Is the Right Time?

If you have been through the certification or validation process for your security product, I don’t need to tell you that it’s a substantial investment in time, resources and cost. Or that it’s worth that investment when you consider the benefits you’ll realize from your ability to sell into the lucrative government market. We discussed…