From owner-freebsd-arch@freebsd.org Sun Apr 14 15:51:03 2019 Return-Path: Delivered-To: freebsd-arch@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 5ED5B157925D; Sun, 14 Apr 2019 15:51:03 +0000 (UTC) (envelope-from kaduk@mit.edu) Received: from outgoing.mit.edu (outgoing-auth-1.mit.edu [18.9.28.11]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 209AD6EC71; Sun, 14 Apr 2019 15:51:01 +0000 (UTC) (envelope-from kaduk@mit.edu) Received: from kduck.mit.edu (24-107-191-124.dhcp.stls.mo.charter.com [24.107.191.124]) (authenticated bits=56) (User authenticated as kaduk@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id x3EFjpI3001894 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Sun, 14 Apr 2019 11:45:52 -0400 Date: Sun, 14 Apr 2019 10:45:50 -0500 From: Benjamin Kaduk To: Paul Pathiakis Cc: "freebsd-arch@freebsd.org" , FreeBSD Ports Subject: Re: FIPS and NIST Message-ID: <20190414154550.GB10547@kduck.mit.edu> References: <1414670222.401877.1554810287647.ref@mail.yahoo.com> <1414670222.401877.1554810287647@mail.yahoo.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Disposition: inline Content-Transfer-Encoding: 8bit In-Reply-To: <1414670222.401877.1554810287647@mail.yahoo.com> User-Agent: Mutt/1.10.1 (2018-07-13) X-Rspamd-Queue-Id: 209AD6EC71 X-Spamd-Bar: --- Authentication-Results: mx1.freebsd.org; spf=pass (mx1.freebsd.org: domain of kaduk@mit.edu designates 18.9.28.11 as permitted sender) smtp.mailfrom=kaduk@mit.edu X-Spamd-Result: default: False [-3.88 / 15.00]; ARC_NA(0.00)[]; TO_DN_EQ_ADDR_SOME(0.00)[]; RCVD_COUNT_TWO(0.00)[2]; NEURAL_HAM_MEDIUM(-1.00)[-0.997,0]; FROM_HAS_DN(0.00)[]; RCPT_COUNT_THREE(0.00)[3]; R_SPF_ALLOW(-0.20)[+ip4:18.9.28.0/24]; NEURAL_HAM_LONG(-1.00)[-1.000,0]; MIME_GOOD(-0.10)[text/plain]; RCVD_TLS_LAST(0.00)[]; DMARC_NA(0.00)[mit.edu]; TO_DN_SOME(0.00)[]; TO_MATCH_ENVRCPT_SOME(0.00)[]; MX_GOOD(-0.01)[mit-edu.mail.protection.outlook.com,mit-edu.mail.protection.outlook.com]; NEURAL_HAM_SHORT(-0.66)[-0.656,0]; IP_SCORE(-0.82)[ipnet: 18.9.0.0/16(-4.05), asn: 3(0.01), country: US(-0.06)]; FREEMAIL_TO(0.00)[yahoo.com]; FROM_EQ_ENVFROM(0.00)[]; RCVD_IN_DNSWL_LOW(-0.10)[11.28.9.18.list.dnswl.org : 127.0.11.1]; R_DKIM_NA(0.00)[]; ASN(0.00)[asn:3, ipnet:18.9.0.0/16, country:US]; MIME_TRACE(0.00)[0:+]; RECEIVED_SPAMHAUS_PBL(0.00)[124.191.107.24.zen.spamhaus.org : 127.0.0.10] X-BeenThere: freebsd-arch@freebsd.org X-Mailman-Version: 2.1.29 Precedence: list List-Id: Discussion related to FreeBSD architecture List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 14 Apr 2019 15:51:03 -0000 On Tue, Apr 09, 2019 at 11:44:47AM +0000, Paul Pathiakis via freebsd-arch wrote: > Hi, > I posted the following to freebsd-questions but was further directed here to see what can be done about this issue. > Basically, it involves making sure that the SSL library in use on the OS and any ports built with it, uses the OpenSSL fips-compliant module.  The module is a 'blessed' certification module of OpenSSL that has had the MD5 and (???) less secure cryptographic algorithms removed.  It goes through US/Canadian government certification process and ends up being 'blessed'.  Without this certification, FreeBSD and all of its derivatives will be shut out of govt and govt contractor companies. The OpenSSL FIPS module 2.0 (https://wiki.openssl.org/index.php/FIPS_module_2.0) is very old and is only compatible with the (also very old) OpenSSL 1.0.2 release series. FreeBSD has already imported OpenSSL 1.1.1 into the base system and cannot (for API stability purposes) revert to the older version. AFAIK the three validation letters run by OpenSSL directly did not include FreeBSD as a validated OS, but of course that module could have been a starting point for "private label" validations that would be somewhat faster/cheaper than starting completely from scratch. > A LOT of information can be found out about this online especially at http://www.nist.gov. > There are standards of both physical hardware security and operating system security using the OpenSSL-FIPS-2.0  (soon to be 3.0 this year). 3.0 is on the roadmap for this year, with a very different design philosophy, but it's also very much a WIP and not even in a state to start building designs on top of. > On the physical side it must support the use of SEDs (self encrypting drives > I guess one of the initial undertakings would be to port the openssl FIPS module.  Well, there's not really anything to port yet. Anyways, all the work is going to happen in the main OpenSSL git repository, on the same master branch as other development work, so the amount of porting involved would also be minimal. > > https://www.openssl.org/docs/fips.html > Another undertaking would be to allow a switch when building things that rely on SSL encryption in their configuration to choose 'OpenSSL FIPS'. > Now, the sad part.  FIPS and NIST fly in the face of OSS philosophy and nimble movement.  A FIPS certified module cannot be used if a bug is found in it.  It's IMMEDIATELY blacklisted.  All things built with it are no longer valid.  You can't patch it, you can't outright fix it, etc.  It then requires the new library to go through certification.  This leads to chicken-egg.... you can't really expect to put everything on hold while a new module goes through the certification process which can take upwards of 18 mos.  So, people either don't report it or wait until the new version is out to report it.  (Hey, it's the gov't right?) You may be interested to read about https://csrc.nist.gov/Projects/Automated-Cryptographic-Validation-Testing (see also https://github.com/usnistgov/ACVP). > However, you can't be used by the gov't unless certified.  All the big players, CISCO, IBM, DELL/EMC, VMware and RedHat (and CentOS) are all FIPS-compliant. > So, can this happen?  (If it doesn't, all machines that are FreeBSD or variants in use in the gov't and in govt contractor companies, will be removed in an ever shrinking timeframe.) I note without further comment that https://www.openssl.org/blog/blog/2018/09/25/fips/ lists NetApp as a sponsor of the current OpenSSL effort. (Full disclosure: my employer (Akamai Technologies) is also listed.) -Ben