The Federal Information Processing Standard (or FIPS) is a cryptography standard created by the U.S. government. FIPS specifications require certain secure algorithms, cryptographic modules and random number generation. Hybrid Data Pipeline uses the Bouncy Castle libraries to provide FIPS 140-2 compliant cryptography. Using FIPS in Hybrid Data Pipeline server changes the following:
The way we secure Pseudo-Random Number Generation for cryptographic elements
The modules used for generating encrypted data including SSL
The handling of SSL certificates, including the generation of the java truststore and keystore to be compatible with the Bouncy Castle libraries
Note: If you plan to run Hybrid Data Pipeline in FIPS mode and use a Java plugin to support external authentication services, the Java plugin must be FIPS compliant. In addition, the external authentication Java plugin should be tested with FIPS mode enabled before moving to a production environment.
The way we secure Pseudo-Random Number Generation for cryptographic elements
