DES password algorithm is 64bit not approved by FIPS standard

chindi · ‎09-17-2015

Team,

We have hpux 11iv3 in our setup with Trusted System.

Recently during audit there was question rasied reg password hashing algorith used in 11iv3.

We got reply from HP its DES based 64bit algorithm.

Then we got a reply from auditors saying ;

DES is not approved by FIPS standard.

It need to be 3DES 192 bits minimum or AES 128/256 bits.
Kindly suggest how to implement the same.

Any guidelines how to achive the same ?

Have askd HP team too.

Laurent_Menase · ‎09-24-2015

Hi Chindi

did you look at

https://h20392.www2.hp.com/portal/swdepot/displayProductInfo.do?productNumber=PHI11i3

Best regards,

Laurent

RJHall · ‎10-01-2015

Speaking of which, is there documentation somewhere showing the valid values for the CRYPT_DEFAULT attribute in security(4)? They only mention the traditional DES and the newer SHA-512 settings. Do they also support, say, Blowfish (2a)? Thanks.

Categories

Company

Local Language

Forums

Discussions

Forums

Discussions

Discussions

Forums

Discussions

Forums

Discussions

Forums

Forums

Discussions

Forums

Discussions

Forums

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Discussion Boards

Community

Resources

Other HPE Sites

Discussions

Forums

Blogs

DES password algorithm is 64bit not approved by FIPS standard

DES password algorithm is 64bit not approved by FIPS standard

Re: DES password algorithm is 64bit not approved by FIPS standard

Re: DES password algorithm is 64bit not approved by FIPS standard