Article Number: 000190141
Comparison of BSAFE cryptographic library implementations
Summary: Compares the cryptographic capabilities of BSAFE Crypto-J, BSAFE Crypto-C Micro Edition, and BSAFE Micro Edition Suite implementations
Article Content
Instructions
This page compares and provides details about Dell BSAFE Crypto-C Micro Edition (CCME), Micro Edition Suite (MES), BSAFE Crypto-Module (BCM) and Crypto-J cryptographic implementation capabilities.
Contents
- FIPS 140 Validation
- Asymmetric key algorithms
- Elliptic curve cryptography (ECC) support
- Public Key Cryptography Standards (PKCS) Support
- Digest Algorithms
- Message Authentication Code (MAC) Algorithms
- Block Cipher Algorithms
- Block Cipher Modes
- Stream Cipher Algorithms
- Processor Algorithm Acceleration (PAA) and Processor Algorithm Implementation (PAI) Support
- Format-Preserving Encryption Modes
- Operating Systems supported (past and present support)
FIPS 140 Validation
See FIPS 140 status of BSAFE cryptographic modules for more details about tde status of different validations.| Implementation | BCM | CCME | Crypto-J |
| FIPS 140 mode | Yes | Yes | Yes |
| FIPS 140-2 validated | No | Yes a | Yes b |
| FIPS 140-3 validated | Implementation under test c | No | Implementation under test c |
b NIST Cryptographic Module Validation Program and Certificates for Crypto-J
c NIST Cryptographic Module Validation Program - Implementation Under Test
Key Operations
Key operations include key generation, key exchange agreements and asymmetric key algorithms.
Asymmetric key algorithms
| Implementation | BCM | CCME and MES | Crypto-J |
| RSA | Yes | Yes | Yes |
| DSA | Yes | Yes | Yes |
| ECDSA | Yes | Yes | Yes |
| EdDSA | No | No | No |
| Ed448 | No | No | No |
| DH | Yes | Yes | Yes |
| ECDH | Yes | Yes | Yes |
| ElGamal | No | No | No |
| NTRU (IEEE P1363.1) | No | No | No |
| DSS | No | No | No |
Elliptic curve cryptography (ECC) support
| Implementation | BCM | CCME and MES | Crypto-J |
| NIST | Yes | Yes | Yes |
| SECG | No | Yes | Yes |
| ECC Brainpool | No | No | No |
| Curve25519 | No | No | No |
| Curve448 | No | No | No |
| GOST R 34.10 a | No | No | No |
| SM2 | No | No | No |
Public Key Cryptography Standards (PKCS) Support
| Implementation | BCM | CCME and MES | Crypto-J |
| PKCS #1 | Yes | Yes | Yes |
| PKCS #5b / PBKDF2 | Yes | Yes | Yes |
| PKCS #8 | Yes | Yes | Yes |
| PKCS #12 | No | Yes | Yes |
| IEEE P1363 | Yes | Yes | No |
| ASN.1 | No | Yes | Yes |
Digest Algorithms
| Implementation | BCM | CCME and MES | Crypto-J |
| MD5 | Yes | Yes | Yes |
| SHA-1 | Yes | Yes | Yes |
| SHA-2 | Yes | Yes | Yes |
| SHA-3 | Yes | Yes | Yes |
| SHAKE128 | Yes | No | Yes |
| SHAKE256 | Yes | No | Yes |
| RIPEMD-160 | No | No | Yes |
| Tiger | No | No | No |
| Whirlpool | No | No | No |
| BLAKE2 | No | No | No |
| GOST R 34.11-94a (aka GOST 34.311-95) |
No | Yes | No |
| GOST R 34.11-2012 (Stribog)b | No | No | No |
| SM3 | No | No | No |
b RFC 6986
Message Authentication Code (MAC) Algorithms
| Implementation | BCM | CCME and MES | Crypto-J |
| HMAC-MD5 | No | Yes | Yes |
| HMAC-SHA1 | Yes | Yes | Yes |
| HMAC-SHA2 | Yes | Yes | Yes |
| Poly1305-AES | No | No | Yes |
| BLAKE2-MAC | No | No | No |
Block Cipher Algorithms
| Implementation | BCM | CCME and MES | Crypto-J |
| AES | Yes | Yes | Yes |
| 3DES | Yes | Yes | Yes |
| Camellia | No | Yes | No |
| Blowfish | No | No | No |
| Twofish | No | No | No |
| IDEA | No | No | No |
| CAST5 | No | No | No |
| ARIA | No | Yes | No |
| GOST 28147-89b / GOST R 34.12-2015 (Magmac and Kuznyechikd) |
No | Partiala | No |
| SM4 | No | No | No |
b RFC 5830
c RFC 8891
d RFC 7801
Block Cipher Modes
| Implementation | BCM | CCME and MES | Crypto-J |
| ECB | Yes | Yes | Yes |
| CBC | Yes | Yes | Yes |
| OFB | Yes | Yes | Yes |
| CFB | Yes | Yes | Yes |
| CTR | Yes | Yes | Yes |
| CCM | Yes | Yes | Yes |
| GCM | Yes | Yes | Yes |
| OCB | No | No | No |
| XTS | Yes | Yes | Yes |
| AES-Wrap | Yes | Yes | Yes |
| Stream | No | Yes | Yes |
| EAX | Yes | No | No |
Stream Cipher Algorithms
| Implementation | BCM | CCME and MES | Crypto-J |
| RC4 | No | Yes | Yes |
| HC-256 | No | No | No |
| Rabbit | No | No | No |
| Salsa20 | No | No | No |
| ChaCha | No | No | Yes |
| SEAL | No | No | No |
| Panama | No | No | No |
| WAKE | No | No | No |
| Grain | No | No | No |
| VMPC | No | No | No |
| ISAAC | No | No | No |
Processor Algorithm Acceleration (PAA) and Processor Algorithm Implementation (PAI) Support
| Implementation | BCM | CCME and MES | Crypto-J |
| AES-NI | Yes | Yes | No |
| SSSE3/SSE4.1 | Yes | Yes | No |
| AVX/AVX2 | Yes | Yes | No |
| RDRAND | Yes | Yes | No |
| VIA PadLock | No | No | No |
| Intel QuickAssist | No | No | No |
| ARMv7-A NEON | No | No | No |
| ARMv8-A cryptography instructions | Yes | Yes | No |
| Power ISA v2.03 (AltiVeca) | No | No | No |
| Power ISA v2.07 (e.g., POWER8 and latera) |
No | No | No |
Format-Preserving Encryption Modes
| Implementation | BCM | CCME and MES | Crypto-J |
| BPS | No | Yes | Yes |
| FF1 | No | No | No |
| FF3 | No; | No | No |
| FF3-1 | No | No | No |
Operating Systems supported (past and present support)
| Implementation | BCM | CCME and MES | Crypto-J |
| Current Support | Windows 64-bit, Linux 32 and 64-bit, Dell EMC PowerMaxOS | Solaris, HP-UX, Linux, FreeBSD, AIX, 32 and 64-bit Windows | Solaris, Linux, FreeBSD, AIX, 32 and 64-bit Windows |
| No longer supported | Tru64, Android, macOS, iOS, VxWorks | Android, macOS |
Article Properties
Affected Product
BSAFE Crypto-C Micro Edition, BSAFE Crypto-J, BSAFE Micro Edition Suite
Last Published Date
14 Feb 2024
Version
9
Article Type
How To