IBM JCE FIPS v1.8 algorithms
The algorithm lists for the FIPS providers are shown here.
Note:
The IBMJCEPlusFIPS and IBMJCEFIPS FIPS 140-2 cryptographic providers should
be considered deprecated technology on platforms where FIPS 140-3 will be made available. Once the
FIPS 140-3 IBMJCEPlusFIPS cryptographic provider is fully supported for production use, the FIPS
140-2 cryptographic providers on those platforms will be subject to removal in the future. All
products and customers will need to move to the new FIPS 140-3 IBMJCEPlusFIPS provider for their
FIPS certified cryptography.
- The FIPS 140-2 cryptographic module certification for the IBMJCEFIPS provider, as documented in Cryptographic Module Validation Program CMVP, Certificate #2715, expired on 21 August 2021 and will not be renewed. The ibmjcefips.jar file will remain part of the SDK however you should upgrade to service refresh 7 or later and use the IBMJCEPlusFIPS JCE cryptographic provider to achieve FIPS 140-2 compliance of applications in future. (The IBMJCEPlusFIPS provider was added in service refresh 6, fix pack 10 but was signed with the SHA256withRSA signature algorithm in service refresh 7, for enhanced security.)
- Ciphers:
- AES with modes ECB, CBC, OFB, and CFB8, CFB128 and GCM
- DESede(TripleDES) with modes ECB, CBC, OFB, CFB8 and CFB64
- RSA with PKCS#1 padding (This algorithm is not an approved algorithm, see the IBM® Java JCE FIPS 140-2 Cryptographic Module Security Policy for more information.
- Signature:
-
- SHA224withRSA
- SHA256withRSA
- SHA384withRSA
- SHA512withRSA
- RSA-PSS
- SHA256withDSA
- SHA224withECDSA
- SHA256withECDSA
- SHA384withECDSA
- SHA512withECDSA
- Signature verification:
-
- SHA1withRSA
- SHA224withRSA
- SHA256withRSA
- SHA384withRSA
- SHA512withRSA
- RSA-PSS
- SHA1withDSA
- SHA224withDSA
- SHA256withDSA
- SHA1withECDSA
- SHA224withECDSA
- SHA256withECDSA
- SHA384withECDSA
- SHA512withECDSA
- ECDSA with P-192, P-224, P-256, P-384, P-521 curves
- Key agreement:
- DiffieHellman (This algorithm is not an approved algorithm, but is allowed for use in exchanging keys)
- EC Diffie-Hellman (P-224, P-256, P-384, P-521 curves)
- Key (pair) generation:
-
- DSA
- AES
- TripleDES
- HmacSHA1
- HmacSHA224
- HmacSHA256
- Hmac384
- Hmac512
- RSA
- ECDSA (P-224, P-256, P-384, P-521 curves)
- DiffieHellman
- Message authentication code (MAC):
- HmacSHA1
- HmacSHA224
- HmacSHA256
- HmacSHA384
- HmacSHA512
- Message digest:
- SHA-1
- SHA-256
- SHA-384
- SHA-512
- MD5 (This algorithm is not an approved algorithm, see the IBM Java JCE FIPS 140-2 Cryptographic Module Security Policy for more information.)
- Algorithm parameter generator:
- DiffieHellman
- DSA
- Algorithm parameter:
- AES
- DiffieHellman
- TripleDES
- DSA
- ECDSA with P-224, P-256, P-384, P-521 curves
- Key factory:
- DiffieHellman
- DSA
- RSA
- ECDSA
- Secret Key Factory:
- AES
- TripleDES
- Certificate:
- X.509
- Random number generation:
-
- HashDRBG
- SHA256DRBG
- SHA512DRBG
- Key generation:
-
- AES - 128, 192 or 256 bits
- Triple-DES - 192 bits three key Triple-DES key
- RSA - 2048 or 3072 modulus size
- DSA - L=2048, N=256 or L=3072, N=256 bits
- ECDSA - P-224, P-256, P-384, P-521 curves
- Key agreement
-
- Diffie-Hellman - 2048 bits
- EC Diffie-Hellman - P-224, P-256, P-384, P-521 curves
- Encryption and decryption
-
- AES (ECB, CBC, OFB, CFB8, CFB128 and GCM modes ) - 128, 192, or 256 bits
- Triple-DES (ECB, CBC, CFB8, CFB64 and OFB modes) - 192 bits Triple-DES key
- Two key Triple-DES (decryption only - ECB, CBC, CFB8, CFB64 and OFB modes) - 192 bits two key Triple-DES
- Signature generation
-
- RSA – 2048 or 3072 bits
- DSA (SHA-256) – 2048 or 3072 bits
- ECDSA (SHA-224, SHA-256, SHA-384 and SHA-512) - P-224, P-256, P-384, P-521 curves
- Signature verification
-
- RSA – 1024, 2048, or 3072 bits
- DSA – (SHA-1, SHA-224, SHA-256) – 1024, 2048, or 3072 bits
- ECDSA (SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512) - P-192, P-224, P-256, P-384, P-521 curves
- Message authentication
-
- HMAC with SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512 - at least 112 bits
- Message digest
-
- SHA-1, SHA-224, SHA-256, SHA-384 and SHA-512
Important: Using other key sizes or algorithms results in FIPS 140-2
non-compliance.
Hardware acceleration
The IBMJCEFIPS provider can run the following operations on hardware if the underlying processor,
and JIT compiler if enabled, support acceleration:
- Intel processors with support for AES-NI
- IBM Power® 8 processors with support for vcipher for AES and vshasigma for SHA
- IBM z13® processor with support for CPACF for AES, Triple-DES and SHA