Security

Re: DES password algorithm is 64bit not approved by FIPS standard

 
chindi
Respected Contributor

DES password algorithm is 64bit not approved by FIPS standard

Team,

We have hpux 11iv3 in our setup with Trusted System.

Recently during audit there was question rasied reg password hashing algorith used in 11iv3.

We got reply from HP its DES based 64bit algorithm.

 

Then we got a reply from auditors saying ;

DES is not approved by FIPS standard.

It need to be 3DES 192 bits minimum or AES 128/256 bits.
Kindly suggest how to implement the same.

 

Any guidelines how to achive the same ?

Have askd HP team too.

2 REPLIES 2
Laurent_Menase
Occasional Advisor

Re: DES password algorithm is 64bit not approved by FIPS standard

RJHall
Frequent Advisor

Re: DES password algorithm is 64bit not approved by FIPS standard

Speaking of which, is there documentation somewhere showing the valid values for the CRYPT_DEFAULT attribute in security(4)? They only mention the traditional DES and the newer SHA-512 settings. Do they also support, say, Blowfish (2a)? Thanks.