NIST Validation Of OpenSSL Algorithms

An anonymous reader submits "On Monday, May 10, 2004, the National Institute of Standards and Technology (NIST) posted a notice that the AES, DES, 3DES, DSA and SHA-1 algorithms for OpenSSL have been validated. The validation notices can be found at the following NIST sites: Advanced Encryption Standard (AES) Algorithm (Certification # 146); Data Encryption Standard (DES) Validated Implementations (Cert # 258); Triple Data Encryption Algorithm (TDEA, a.k.a. "Triple DES"): (Cert # 256); Digital Signature Algorithm (DSA) Validation System: (Cert # 108); Secure Hash Algorithm (SHS) Validation System: (Cert # 235). Successful validation of these algorithms does NOT mean that OpenSSL has received FIPS 140-2 validation, yet. The overall FIPS 140-2 validation effort for OpenSSL is still in process. Additional updates will be posted on the OSSI web site, www.oss-institute.org. NIST validation of these algorithms does, however, signify a major milestone in OSSI's efforts to secure the FIPS 140-2 validation for OpenSSL. Please post any questions that you might have to questions@oss-institute.org."

Poster left out explination of what FIPS is

[the+morgawr]

A quick googling shows that FIPS 140-2 validation refers to the government certification that encryption modules have adequate security to be used by the the Federal (e.g. US) government. If OpenSSL gets fully validated this will be a huge win for open source software.