THE INFORMATION IN THIS ARTICLE APPLIES TO:
- EFT version 7 and later
DISCUSSION
Some organizations require that file transfers are restricted to FIPS-approved algorithms. The library used by our OpenPGP module is not restricted to only FIPS-compliant cryptography. However, you can add a registry setting to EFT to restricts the OpenPGP module to use only FIPS-compliant cryptography that is available in the library.
The registry setting described below, when present and the DWORD value is set to non-zero, will configure the OpenPGP library to use FIPS-compliant cryptography only.
To enable FIPS-compliant mode for the OpenPGP module
32-bit OS:
[HKEY_LOCAL_MACHINE\SOFTWARE\GlobalSCAPE Inc.\EFT Server 4.0\Config\]
64-bit OS:
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\GlobalSCAPE Inc.\EFT Server 4.0\Config\]
DWORD: OpenPGPFIPSCompliantAlgorithmsOnly
- 0 = not FIPS only
- 1 = FIPS-compliant cryptography only
- Default when not specified = 0 (not FIPS-only cryptography)
The table below lists the algorithms available for each mode.
FIPS compliant mode | Non-FIPS mode |
=Symmetric Encryption Algorithms= | =Symmetric Encryption Algorithms= |
=Hash Algorithms= | =Hash Algorithms= |
=Asymmetric Algorithms= | =Asymmetric Algorithms= |
=Compression Algorithms= | =Compression Algorithms= |