Allegro Software Announces FIPS Embedded Device Security
FIPS Validated Cryptography Library for Embedded Systems
BOXBOROUGH, MA – December 16, 2013 – Allegro Software Development Corporation, a leading supplier of Internet component software for embedded devices, today announced that it has earned FIPS level 2 validation for the Allegro Cryptography Engine, ACE™. Specifically engineered for the rigors of embedded computing, ACE™ enables manufacturers to add standards-based cryptography to resource sensitive embedded systems quickly, easily and reliably while decreasing time to market. ACE™ is ideally suited for use in embedded transportation, military, energy, healthcare and communications applications where strong validated cryptography is a requirement.
FIPS
Early embedded systems were unprepared to address the new security implications of network connectivity. Many industries now have a heightened awareness that embedded systems and larger enterprise systems that include embedded devices are vulnerable to a whole new realm of Internet attacks. The National Institute of Standards and Technology (NIST) has taken steps to ensure security and compatibility between communicating computers by defining Federal Information Processing Standards (FIPS). They specifically identified a set of guidelines (FIPS) for cryptographic-based security systems to protect sensitive information in computer and telecommunication systems, whether desktop or embedded, and asserted the requirement that vendors must comply to these standards to sell and support the government or its contractors. The application and testing process to earn FIPS validation is rigorous and non-trivial, but for companies selling security products to the federal government, their contractors or allies overseas, formal FIPS validations are a prerequisite to eligibility for government contracts.
ACE™ and FIPS Validation
The 140-2 FIPS (Federal Information Processing Standards) are used to accredit cryptographic “modules” that drive secure software or hardware implementations, and most federal agencies and contractors working on sensitive government projects are prohibited from buying products containing security software that is not officially FIPS-validated. Allegro applied for and received FIPS level 2 validation for the Allegro Cryptography Engine. ACE™ is one of the smallest, fastest, and most comprehensive FIPS validated software modules on the market. ACE™ was specifically engineered to meet the critical needs of embedded computing systems and purposely designed to meet the requirements for FIPS validation. With a common software interface, embedded systems developers can easily perform bulk encryption and decryption, message digests, digital signature creation and validation, and key generation and exchange. ACE™ additionally includes a platform independent implementation of the NSA defined Suite B suite of cryptographic algorithms, as well as other FIPS approved algorithms. The FIPS approved cryptographic algorithms included in ACE™ have been validated and are listed on the NIST CAVP sites along with the final validation designation on the NIST CVMP site.
“Data privacy is a significant issue for the billions of network-enabled embedded systems that inhabit the Internet” says Bob Van Andel, President of Allegro. “Allegro’s ACE™ toolkit significantly reduces risk, development effort, integration and testing time while giving our customers FIPS-validated security solutions engineered for use in embedded systems.” ACE™ is delivered as an ANSI-C source code toolkit and is available now. For additional information on ACE™, visit our website: www.allegrosoft.com/ace
Reference
NIST CAVP Sites:
http://csrc.nist.gov/groups/STM/cavp/documents/aes/aesval.html
http://csrc.nist.gov/groups/STM/cavp/documents/drbg/drbgval.html
http://csrc.nist.gov/groups/STM/cavp/documents/dss/ecdsanewval.html
NIST CVMP Site:
http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140val-all.htm
About Allegro
Allegro Software Development Corporation is the premier provider of UPnP networking and device management technologies specifically targeted at embedded Internet applications. Since 1996, Allegro has been a force in the evolution of device management solutions with its RomPager® embedded web server toolkit. Now also an active contributor to UPnP / DLNA initiatives, Allegro supplies a range of UPnP toolkits that offer portability, easy integration and full compliance with UPnP device specifications. Allegro is headquartered in Boxborough, MA.
Contacts:
Loren Shade
VP Marketing
Allegro Software Development Corporation
978-264-6600
loren@allegrosoft.com