I got tasked with coming up with a way to change our company's data library to be FIPS 140-2 compliant. We're primarily a microsoft shop and currently have a crypto library leveraging RijndealManaged to perform our encryption/decryption. There are multiple environments involved, so whatever solution I come up with would require encryption/decryption of the same message to happen on independent machines (So I dont think I can use the .net libraries like AESCryptoProvider which relies on the OS)
I don't have a deep understanding or background in cryptography but off the research that I've done to this point, I know that AES is still a FIPS 140-2 compliant algorithm. My question is: is there is an updated .NET AES Managed module that I could use across these environments to be FIPS 140-2 compliant? Does the AESManaged module just require me to configure it in a particular way (i.e. 256 key size and 128 block size) in order be FIPS compliant?
I can't use third party libraries.
As long as the .Net Framework installed is 3.5+ the classes that wrap the NIST certified FIPS 140-2 compliant algorithms will be available.
The trick is to encrypt on one machine and decrypt on another, you have to use the same key and initialization vector values.
You should be able to simply replace the calls in your library to the RijndaelManaged class with the same calls to AESCryptoServiceProvider class.