Frequently Asked Questions: Standards
Q: With which standards does CKM® comply?
A: Constructive Key Management® technology is inherent to the ANSI Standard X9.69 Framework for Key Management Extensions, and its technology is based upon a number of other standards. For more information, please see TecSec® Incorporated's CKM and Standards documents.
In addition, the CKM Software Developer's Kit interfaces with the PKCS#11 Cryptographic Token Interface Standard.
Q: How did CKM become part of an ANSI standard?
A: CCKM was developed in compliance with multiple security standards and was selected for incorporation into a new American National Standards Institute (ANSI) Standard. In 1996 the Federal Reserve Bank, along with IBM, Citibank, Chase and the Digital Equipment Corporation sponsored CKM before ANSI to be considered for the next generation of security technology for banking transactions (e.g., Electronic Funds Transfers). Following two and a half years of peer review by over 100 companies, ANSI X9.69 was approved in March of 1999.
Q: How can I learn more about standards?
A: You can download the CKM and Standards document in the Reference Papers section of our Library which provides links to various standards organizations.
Q: Has CKM been certified?
A: CKM has been reviewed for cryptographic accuracy and conformance through a FIPS 140-2 evaluation. A copy of the certificate can be found here. In addition, the following algorithms have been tested and certified for FIPS 140-2 compliance.
FIPS-approved algorithms: AES (Certs. #345 and #379); Triple-DES (Certs. #407 and #422); SHS (Certs. #420 and #450); HMAC (Certs. #149 and #167); RNG (Certs. #165 and #181); RSA (Certs. #116 and #131); DSA (Certs. #155, #163, and #165)
