Discussion:
Kerberos 5 certified under NIST 140-2.
donald.koller at census.gov ()
2007-08-31 11:43:17 UTC
I work at the U.S. Census Bureau and would like to use Kerberos 5 as our
network authentication protocol. The only problem is that for us to meet
our Certification and Accreditation and use Kerberos 5, it must be
certified under NIST 140-2. Do you have plans to have version 5 certified?
My understanding is that version 4 was.

If not, are there other viable solutions?

Thanks,
Don Koller
U.S. Census Bureau
Foreign Trade
Division
Suitland MD 20233
301-763-7006(Work)
301-325-3036(Cell)
Ken Hornstein
2007-09-01 04:16:21 UTC
Post by donald.koller at census.gov ()
I work at the U.S. Census Bureau and would like to use Kerberos 5 as our
network authentication protocol. The only problem is that for us to meet
our Certification and Accreditation and use Kerberos 5, it must be
certified under NIST 140-2. Do you have plans to have version 5 certified?
My understanding is that version 4 was.
You of course have to decide what you want to do. I will only point
out that the Department of Defense has set minimum required versions
of open-source software that clearly has never been certified under
FIPS 140-2 (well, okay, they don't use crypto modules which have
been certified, but you knew that's what I meant); that tells me
that at a DoD level, they seem to not care about FIPS 140-2. So I
would question the practical relevance of FIPS 140-2 when using
open-source software today.

I may be wrong, but I do not believe any implementation of Kerberos
4 ever went through a FIPS certification process; what you may be
thinking of is that some implementations of DES that met the original
FIPS requirements for DES could say that they were certified under
some later specification (it's been a while, and I think I've forgotten
many of the details).

When I looked into this for Kerberos, doing the certification cost
around $25,000-$35,000 and took a couple of years. And having seen
presentations from the people who did the work to get OpenSSL
FIPS-certified, it seems that NIST is actively hostile to open-source
software. If you have a chunk of money sitting around and a few
years to spend jousting at windmills, let us know. So far no one
has done so.

--Ken
Marcus Watts
2007-09-01 11:47:22 UTC
Post by Ken Hornstein
Post by donald.koller at census.gov ()
I work at the U.S. Census Bureau and would like to use Kerberos 5 as our
network authentication protocol. The only problem is that for us to meet
our Certification and Accreditation and use Kerberos 5, it must be
certified under NIST 140-2. Do you have plans to have version 5 certified?
My understanding is that version 4 was.
...
Post by Ken Hornstein
When I looked into this for Kerberos, doing the certification cost
around $25,000-$35,000 and took a couple of years. And having seen
...

As I read FIPS 140-2, it addresses hardware much more than software, and
very much addresses "complete systems" or sometimes "components" and really
does not address frameworks or pluggable environments much at all.

OpenSource software loses here on several points:
1. it's not a "finished" system. Somebody might come along at any
point and change it, invalidating any test results done until
that point.
2. the development process for "open source" does not generally conform
to FIPS 140-2 appendix A and B.

Appendix A describes the documentation that is necessary.
There's a lot of it, and it is very specific to the testing
required for FIPS 140-2. $25K to hire somebody to produce
this would be a real bargain for something as complicated as
kerberos 5.

Appendix B describes the "recommended software development
practice". These practices are probably a bit out of date, and
certainly do not describe modern conventions for C. The testing &
documentation is certainly considerably more rigorous than many
open source projects. Note that the better organized projects
at least approach the software methodology suggested here, with
interesting differences: for instance the design stage may happen
in part via online chat, unit testing may be on the honor system,
functional specifications may be terse, & structure charts are
nearly extinct except in the personnel department.

In fact, I think kerberos 5 probably conforms to about half of
these practices. For instance, the "life-cycle software engineering
recommendations" include the phrase "may". I suspect the kerberos
developers actually follow most of those practices, but may be resistant
to documenting that they did so. The coding standards contain many
"shoulds" for things that MIT kerberos actually follows far less rigidly.
MIT kerberos certainly uses gotos ("...using only structured programming
constructs..."), unions ("equivalence of variables should not be used..."),
global variables ("should not be used..."), and more than 2 exit points
for many routines ("...at most two exit points"). In-line documentation
is certainly *far* sparser than the appendix B authors suggest.

Rather than looking to the open source community to produce this, I
think your best bet is to look at one of the vendors to do this.
Say, Apple, Solaris, etc. They distribute the complete system,
not just the software, so they have a better claim on "complete system",
plus both the money stream, and the incentive, to pay for the
certification. Apparently at least one of the Solaris people
is already pursuing FIPS 140-2 for some of the lower-level crypto
stuff (not kerberos yet).

-Marcus Watts
Edgecombe, Jason
2007-09-04 12:54:19 UTC
I remember reading in Linux journal that openssl had been certified.

http://www.linuxjournal.com/node/7644/print

I vaguely remember something else about getting source code certified
instead of compiled code, but I can't find it.

Jason

Jason Edgecombe
Solaris & Linux Administrator
Mosaic Computing Group, College of Engineering
UNC-Charlotte
Phone: (704) 687-3514


Douglas E. Engert
2007-09-04 19:00:50 UTC
Post by Edgecombe, Jason
I remember reading in Linux journal that openssl had been certified.
http://www.linuxjournal.com/node/7644/print
I vaguely remember something else about getting source code certified
instead of compiled code, but I can't find it.
There was a discussion on 8/10 on the openssl mailing list,
"Windows build of FIPS 1.1.1 is not thread-safe", which led to some
interesting discussions about compilers, and what could and could not
be done to use software.

http://csrc.nist.gov/cryptval/140-1/140sp/140sp642.pdf
(a 2MB PDF) is the OpenSSL document for NIST.

http://csrc.nist.gov/cryptval/140-1/FIPS1402IG.pdf
is the implementation guide, see section G5 for what a vendor
and/or a user can do with source code.

http://csrc.nist.gov/cryptval/140-1/140crt/140crt642.pdf
is the OpenSSL certificate.
--
Douglas E. Engert <DEEngert at anl.gov>
Argonne National Laboratory
9700 South Cass Avenue
Argonne, Illinois 60439
(630) 252-5444
Ken Hornstein
2007-09-04 02:52:53 UTC
Post by Marcus Watts
As I read FIPS 140-2, it addresses hardware much more than software, and
very much addresses "complete systems" or sometimes "components" and really
does not address frameworks or pluggable environments much at all.
[...]
I don't want to get into the whole FIPS 140-2 mess ... but while it does
mostly deal with hardware products, there is a path for software-only
products to be certified. And it IS possible for open-source software
to be certified ... look at the certificate and security policy for
the FIPS-certified OpenSSL. Mind you, it's an uphill battle and I
think it is worthless from a _security_ perspective ... for software
I think the only value is so a government bureaucrat can check off a
box on a form.
Post by Marcus Watts
Appendix A describes the documentation that is necessary.
There's a lot of it, and it is very specific to the testing
required for FIPS 140-2. $25K to hire somebody to produce
this would be a real bargain for something as complicated as
kerberos 5.
When I said $25K (that was a number of years ago) that was the fee charged
by the testing labs that NIST uses. That's just for the FIPS 140-2
test ... generally you (the submitter) have to do all of the documentation
yourself, as well as meet all of the bizarre and seemingly arbitrary NIST
requirements.
Post by Marcus Watts
Appendix B describes the "recommended software development
practice". These practices are probably a bit out of date, and
certainly do not describe modern conventions for C. The testing &
documentation is certainly considerably more rigorous than many
open source projects. Note that the better organized projects
at least approach the software methodology suggested here, with
interesting differences: for instance the design stage may happen
in part via online chat, unit testing may be on the honor system,
functional specifications may be terse, & structure charts are
nearly extinct except in the personnel department.
I was under the impression that those recommendations are not requirements.
Post by Marcus Watts
Rather than looking to the open source community to produce this, I
think your best bet is to look at one of the vendors to do this.
Say, Apple, Solaris, etc. They distribute the complete system,
not just the software, so they have a better claim on "complete system",
plus both the money stream, and the incentive, to pay for the
certification. Apparently at least one of the Solaris people
is already pursuing FIPS 140-2 for some of the lower-level crypto
stuff (not kerberos yet).
Well, no one has even started the process yet AFAIK, so I think you'll
be waiting a long time. The "complete system" is not really a barrier
as I understand it.

--Ken