Skip to main content

SecureAuth Algorithms for FIPS Compliance

Introduction

SecureAuth IdP is a secure authentication solution that utilizes FIPS compliant algorithms for the generation, signing and validation of X.509v3 security credentials.

Applies to

SecureAuth IdP Version	OS Version
7.x+	Windows Server 2008 Windows Server 2008 R2 Windows Server 2012 Windows Server 2012 R2

SecureAuth IdP Architecture

The SecureAuth IdP architecture consist of (3) key components:

Component	Detail
Client	User-based browser extension
SecureAuth Authentication Appliance	Mechanism to validate user from enterprise user store and securely transfer certificate request to signing authority.
SecureAuth Certificate Server(s)	Either SaaS or enterprise-hosted certificate authority to sign certificate request

SecureAuth IdP Client

The SecureAuth client is a browser extension that generates a X.509 signing request and then has the SecureAuth Certificate Servers sign this request.

The algorithms used in this process are FIPS compliant:

Component	Algorithm / Strength	Platform	FIPS Certification
SecureAuth Certificate Request	RSA public key signature, 1024 bit or 2048 bit based on administrator configuration, Microsoft Enhanced Cryptographic Provider	Windows CE and Windows Mobile	#825
SecureAuth Certificate Request	RSA public key signature, 1024 bit or 2048 bit based on administrator configuration, Microsoft Enhanced Cryptographic Provider	Windows Server 2003 SP2	#868
SecureAuth Certificate Request	RSA public key signature, 1024 bit or 2048 bit based on administrator configuration, Microsoft Enhanced Cryptographic Provider	Windows XP SP3	#989
SecureAuth Certificate Request	RSA public key signature, 1024 bit or 2048 bit based on administrator configuration, Microsoft Enhanced Cryptographic Provider	Windows Vista Ultimate	#1002
SecureAuth Certificate Request	RSA public key signature, 1024 bit or 2048 bit based on administrator configuration, Microsoft Enhanced Cryptographic Provider	Windows 7	#1330
SecureAuth Certificate Request	RSA public key signature, 1024 bit or 2048 bit based on administrator configuration, Microsoft Enhanced Cryptographic Provider	Windows 8	#1894
SecureAuth Certificate Request	RSA public key signature, 1024 bit or 2048 bit based on administrator configuration, Microsoft Enhanced Cryptographic Provider	Windows 8.1	#2357
SecureAuth Certificate Request	RSA public key signature, 1024 bit or 2048 bit based on administrator configuration, Microsoft Enhanced Cryptographic Provider	Windows 10	#2703
SecureAuth Certificate Request	RSA public key signature, 1024 bit or 2048 bit based on administrator configuration, Microsoft Enhanced Cryptographic Provider	Windows Server 2008	#1010
SecureAuth Certificate Request	RSA public key signature, 1024 bit or 2048 bit based on administrator configuration, Microsoft Enhanced Cryptographic Provider	Windows Server 2008 R2	#1337
SecureAuth Certificate Request	RSA public key signature, 1024 bit or 2048 bit based on administrator configuration, Microsoft Enhanced Cryptographic Provider	Windows Server 2012	#1747
SecureAuth Certificate Signing	SHA2, 512 bit hash with a 2048 signing key	Windows Server 2012 R2	#2357

In this section:

Would you like to provide feedback? Just click here to suggest edits.