Application of C Based Cryptographic Module Operating in Java with Preservation of FIPS 140 Validation

摘要

Due to recent arise of cybercrime, importance of cyber security is highlighted more than ever. NIST has created Cryptographic Module Validation Program, namely CMVP, to validate security level of cryptographic modules for the United States Federal agencies: indeed, many are achieving the validation. According to the program, operating environments for any specific cryptographic module are fixed. In other words, running validated module in other software environment is strictly prohibited. However, this paper asserts that it is possible for a C based module to operate in Java environment without loss of validation as long as the module is running on a verified environment. We expect this paper to help saving great amount of time and costs for developing another cryptographic module for the same operating purpose.