Red Hat gains FIPS 140-2 certification for RHEL
Red Hat has announced that the US National Institute of Standards and Technology (NIST) has certified several cryptographic technologies in Red Hat Enterprise Linux (RHEL) 6.2 with the Federal Information Processing Standard (FIPS) 140-2. The US government, but also organisations in other countries, mandate FIPS-140-2 certified cryptographic systems to protect sensitive information.
RHEL 6.2 on HP ProLiant DL585 and IBM BladeCenter HS22 servers has completed seven certification modules, including for the kernel crypto API, OpenSSH client and server, as well as OpenSSL. The dm-crypt library, which is used to encrypt hard drives, and the Openswan IPSec implementation were also certified, as was GnuPG's libgcrypt library. The validation testing for the certification was performed by the independent atsec testing laboratory in Austin, Texas.
A full list with all FIPS 140-1 and FIPS 140-2 certified cryptographic technologies is available from the NIST web site.