Introduction

Technical Specifications

FIPS 140-2 Certified Cryptography

In FIPS modeUKC system mode that allows processing FIPS-certified and not-certified keys of crypto operation, UKCUnbound Key Control - The name of Unbound's key management product. crypto capabilities are specified in FIPS 140-2 Certificate #3378 and FIPS 140-2 Certificate #3453.

Unbound Standard Cryptography

In addition to the FIPSFederal Information Processing Standards - standards developed by the United States federal government for use in computer systems by non-military government agencies and government contractors 140-2 certified mode of operation, UKCUnbound Key Control - The name of Unbound's key management product. provides a constantly evolving non-FIPS modeUKC system advanced execution mode that hasn't yet received the FIPS certification of crypto operation that covers a wider set of keys and algorithms.

AES Capabilities

Key sizes: 128, 192, 256.

Operation	Mode	MacMode	Allowed hash types
Encrypt	ECB, CBC, CFB, OFB, CTR, GCM, CCM, NISTWRAPAES Key Wrap (KW) specified by NIST Special Publication 800-38F
Decrypt	ECB, CBC, CFB, OFB, CTR, GCM, CCM, NISTWRAPAES Key Wrap (KW) specified by NIST Special Publication 800-38F
Wrap	Refer to Key Wrapping Capabilities
Unwrap
Mac		CMAC, GMAC
Mac verify		CMAC, GMAC
Derive	Hash		Supported HASH Options
	Concatenate
	NISTNational Institute of Standards and Technology-CMAC-CTR

Notes:

1. NISTWRAPAES Key Wrap (KW) specified by NIST Special Publication 800-38F (NIST.SP.800-38F) is also indicated as AES-KW.

AES-XTS Capabilities

Key Sizes: 256, 512. (Double Keys).

Operation	Mode	Allowed hash types
Encrypt	XTS
Decrypt	XTS
Derive	Hash	Supported HASH Options
	Concatenate

AES-SIV Capabilities

Key Sizes: 256, 512. (Double Keys).

Operation	Mode	Allowed hash types
Wrap	Refer to Key Wrapping Capabilities
Unwrap
Derive	Hash	Supported HASH Options
	Concatenate

3DES Capabilities

Key size: 168 (also known as 192).

Operation	Mode	Allowed hash types
Encrypt	ECB, CBC, CFB, OFB
Decrypt	ECB, CBC, CFB, OFB
Wrap	Refer to Key Wrapping Capabilities
Unwrap
Mac	CMAC
Mac verify	CMAC
Derive	Hash	Supported HASH Options
	Concatenate

HMAC Capabilities

Key size: from 8 to 2048, in increments of 8.

Operation	Mode	Allowed hash types
Mac	HMACHash-based Message Authentication Code - A MAC involving a cryptographic hash function and a secret cryptographic key.	SHASecure Hash Algorithm - a family of cryptographic hash functions-1, SHASecure Hash Algorithm - a family of cryptographic hash functions-256, SHASecure Hash Algorithm - a family of cryptographic hash functions-384, SHASecure Hash Algorithm - a family of cryptographic hash functions-512
Mac verify	HMACHash-based Message Authentication Code - A MAC involving a cryptographic hash function and a secret cryptographic key.	SHASecure Hash Algorithm - a family of cryptographic hash functions-1, SHASecure Hash Algorithm - a family of cryptographic hash functions-256, SHASecure Hash Algorithm - a family of cryptographic hash functions-384, SHASecure Hash Algorithm - a family of cryptographic hash functions-512
Derive	Hash	SHASecure Hash Algorithm - a family of cryptographic hash functions-1, SHASecure Hash Algorithm - a family of cryptographic hash functions-256, SHASecure Hash Algorithm - a family of cryptographic hash functions-384, SHASecure Hash Algorithm - a family of cryptographic hash functions-5122
	Concatenate
	SLIP-10

RSA Capabilities

Key size: 2048, 3072, 4096.

Operation	Padding	Allowed hash types	Notes
Sign	PKCSPublic-Key Cryptography Standards - Industry-standard cryptography specifications.#1		1
	PSSprobabilistic signature scheme. Abbreviation of RSASSA-PSS		2
Decrypt	PKCSPublic-Key Cryptography Standards - Industry-standard cryptography specifications.#1
	OAEPOptimal Asymmetric Encryption Padding - A padding scheme often used together with RSA encryption of symmetric keys.	Supported HASH Options	3
	RAWCKM_RSA_X_509 padding mechanism		4
Wrap (using the public key)	PKCSPublic-Key Cryptography Standards - Industry-standard cryptography specifications.#1		5
	OAEPOptimal Asymmetric Encryption Padding - A padding scheme often used together with RSA encryption of symmetric keys.	Supported HASH Options
Unwrap	PKCSPublic-Key Cryptography Standards - Industry-standard cryptography specifications.#1
	OAEPOptimal Asymmetric Encryption Padding - A padding scheme often used together with RSA encryption of symmetric keys.	Supported HASH Options

Notes:

1. PKCSPublic-Key Cryptography Standards - Industry-standard cryptography specifications.#1 is an abbreviation of RSA-PKCSPublic-Key Cryptography Standards - Industry-standard cryptography specifications.#1 v1.5.
2. PSSprobabilistic signature scheme. Abbreviation of RSASSA-PSS is an abbreviation of RSASSA-PSSprobabilistic signature scheme (PSS) with appendix.
3. The default padding for wrapping: OAEPOptimal Asymmetric Encryption Padding - A padding scheme often used together with RSA encryption of symmetric keys..
4. RAWCKM_RSA_X_509 padding mechanism denotes CKM_RSA_X_509 padding.
5. Refer to Key Wrapping Capabilities.

ECC (ECDSA) Capabilities

Elliptic curves: P-256, P-384, P-521, SECP256K1.

Supported DSA: ECDSAElliptic Curve Digital Signature Algorithm - A variant of the Digital Signature Algorithm (DSA) which uses elliptic curve cryptography. and Schnorr.

Operation	Mode
Sign	ECDSAElliptic Curve Digital Signature Algorithm - A variant of the Digital Signature Algorithm (DSA) which uses elliptic curve cryptography.
Derive	SLIP-10
	ECDSAElliptic Curve Digital Signature Algorithm - A variant of the Digital Signature Algorithm (DSA) which uses elliptic curve cryptography.-to-EdDSAEdwards-curve Digital Signature Algorithm

Notes:

1. P-256 is also known as SECG' secp256r1 and ANSI' prime256v1.
   
2. P-384 is also known as SECG' secp384r1.
   For other synonyms of elliptic curve names, refer to RFC 4492 Appendix A - Equivalent Curves.

ECC (ECDH) Capabilities

Elliptic curves: P-256, P-384, P-521

Operation	Mode
Derive	ECDHDiffie–Hellman (ECDH) is a key agreement protocol used to establish shared secret by deriving it from EC keys.
Decrypt	ECIESIntegrated Encryption Scheme

EC-PRF Capabilities

Elliptic curve: P-256

Operation	Mode
Derive	EC-PRF

EC-PWD Capabilities

Elliptic curve: P-256

Operation	Mode
Verify	EC-PWD

EdDSA Capabilities

EdDSAEdwards-curve Digital Signature Algorithm curve: ed25519.

Operation	Mode
Sign	EdDSAEdwards-curve Digital Signature Algorithm

LIMA Capabilities

Key size: 1024

Operation	Mode
Derive	ECDHDiffie–Hellman (ECDH) is a key agreement protocol used to establish shared secret by deriving it from EC keys.

Supported HASH Options

SHASecure Hash Algorithm - a family of cryptographic hash functions-1, SHASecure Hash Algorithm - a family of cryptographic hash functions-256, SHASecure Hash Algorithm - a family of cryptographic hash functions-384, SHASecure Hash Algorithm - a family of cryptographic hash functions-512, SHA3-256, SHA3-384, SHA3-512.

Key Wrapping Capabilities

The following table specifies

• Types of keys that may be wrapped.
• Types of keys that may be used for wrapping.

The body of the table specifies attributes of the wrapping:

• modes that are applicable when using symmetric keys.
• padding when using the RSA key.

Key to be Wrapped	Wrapping Key
	Modes			Padding
	AES	3DES	DES	RSA
AES	ECB, CBC, OFB, CFB, CTR, GCM, CCM, AES-KW	ECB, CBC, OFB, CFB	ECB, CBC, OFB, CFB	PKCSPublic-Key Cryptography Standards - Industry-standard cryptography specifications.#1, OAEPOptimal Asymmetric Encryption Padding - A padding scheme often used together with RSA encryption of symmetric keys.
3DES	OFB, CFB, CTR, GCM, CCM, AES-KW	ECB, CBC, OFB, CFB	ECB, CBC, OFB, CFB	PKCSPublic-Key Cryptography Standards - Industry-standard cryptography specifications.#1, OAEPOptimal Asymmetric Encryption Padding - A padding scheme often used together with RSA encryption of symmetric keys.
DES	OFB, CFB, CTR, GCM, CCM, AES-KW	ECB, CBC, OFB, CFB	ECB, CBC, OFB, CFB	PKCSPublic-Key Cryptography Standards - Industry-standard cryptography specifications.#1, OAEPOptimal Asymmetric Encryption Padding - A padding scheme often used together with RSA encryption of symmetric keys.
XTS	ECB, CBC, OFB, CFB, CTR, GCM, CCM, AES-KW	ECB, CBC, OFB, CFB	ECB, CBC, OFB, CFB	PKCSPublic-Key Cryptography Standards - Industry-standard cryptography specifications.#1, OAEPOptimal Asymmetric Encryption Padding - A padding scheme often used together with RSA encryption of symmetric keys.
SIV	ECB, CBC, OFB, CFB, CTR, GCM, CCM, AES-KW	ECB, CBC, OFB, CFB	ECB, CBC, OFB, CFB	PKCSPublic-Key Cryptography Standards - Industry-standard cryptography specifications.#1, OAEPOptimal Asymmetric Encryption Padding - A padding scheme often used together with RSA encryption of symmetric keys.
HMACHash-based Message Authentication Code - A MAC involving a cryptographic hash function and a secret cryptographic key.	ECB, CBC, OFB, CFB, CTR, GCM, CCM, AES-KW	OFB, CFB	OFB, CFB	PKCSPublic-Key Cryptography Standards - Industry-standard cryptography specifications.#1, OAEPOptimal Asymmetric Encryption Padding - A padding scheme often used together with RSA encryption of symmetric keys.
RSA	OFB, CFB, CTR, GCM, CCM, AES-KW	OFB, CFB	OFB, CFB
EC	OFB, CFB, CTR, GCM, CCM, AES-KW	OFB, CFB	OFB, CFB
EDDSAEdwards-curve Digital Signature Algorithm	ECB, CBC, OFB, CFB, CTR, GCM, CCM, AES-KW	ECB, CBC, OFB, CFB	ECB, CBC, OFB, CFB

Notes:

1. The default padding used by RSA: OAEPOptimal Asymmetric Encryption Padding - A padding scheme often used together with RSA encryption of symmetric keys. with the following Hash options: SHASecure Hash Algorithm - a family of cryptographic hash functions-1, SHASecure Hash Algorithm - a family of cryptographic hash functions-256, SHASecure Hash Algorithm - a family of cryptographic hash functions-384, SHASecure Hash Algorithm - a family of cryptographic hash functions-512, SHA3-256, SHA3-384, SHA3-512.

Supported Crypto Clients and Security Frameworks

Applications interact with the UKCUnbound Key Control - The name of Unbound's key management product. solution in one of the following ways:

• UKCUnbound Key Control - The name of Unbound's key management product. clients installed on application servers and used transparently via the following security software frameworks:
  • Java JCEJava Cryptography Extension - Java frameworks for implementing cryptography primitives. - UKCUnbound Key Control - The name of Unbound's key management product. Client-based JCAJava Cryptography Architecture - Java frameworks for implementing cryptography primitives. provider
  • Java JCEJava Cryptography Extension - Java frameworks for implementing cryptography primitives. - UKCUnbound Key Control - The name of Unbound's key management product. ClientlessSystem that is using Unbound Java Security Provider without dependency on the UKC Client software. JCAJava Cryptography Architecture - Java frameworks for implementing cryptography primitives. provider
  • PKCSPublic-Key Cryptography Standards - Industry-standard cryptography specifications. #11
  • OpenSSL
  • Microsoft CNG
• KMIPKey Management Interoperability Protocol - an extensible communication protocol that defines message formats for the manipulation of cryptographic keys on a key management server clients (1.1 and later). Refer to KMIP Conformance.
• Integration using the Unbound RESTRepresentational State Transfer (REST) - an architectural style that defines a set of constraints and properties based on HTTP. Web Services that conform to the REST architectural style, or RESTful web services, provide interoperability between computer systems on the Internet. API.

Supported External Keystores

UKCUnbound Key Control - The name of Unbound's key management product. allows generating, storing, linking to, and using keys that are stored in the following external keystores.

Keystore	SDK name	Version	UKC Specification
AWS KMSKey Management System	aws-java-sdk-kms	1.11.682	AWS KMS
Azure Key Vault	azure-keyvault	1.2.4	Azure Key Vault