[en] NiceLabel doesn't support FIPS mode

La traduction officielle n'est pas encore disponible.

[en] Problem

[en] The United States Federal Information Processing Standard (FIPS) 140 is a U.S. government computer security standard for cryptographic algorithms that protect sensitive data. FIPS defines specific encryption methods that can be used for data protection. FIPS also defines methods for generating encryption keys. An algorithm is considered FIPS 140-compliant only if it passes the National Institute of Standards and Technology (NIST) validation.

[en] Enabling FIPS mode in Windows settings forces Windows to use only FIPS-validated encryption methods. After enabling FIPS mode, Windows can no longer use other (and newer) encryption methods.

[en] NiceLabel uses encryption algorithms that have not been submitted to NIST for validation. Microsoft .NET Framework blocks access to algorithms that aren’t FIPS-validated. NiceLabel is built on .NET Framework. When NiceLabel tries to use a non-validated algorithm with FIPS mode enabled, the Framework raises an exception and does not allow the algorithm to be used.

[en] Solution

[en] NiceLabel uses the following encryption methods:

  • [en] AESManaged. NiceLabel uses this method for applications to encrypt data and communications.

  • [en] WinZipAes256. NiceLabel uses this method to open and savelabel (.NLBL) and solution (.NSLN) files.

  • [en] DPAPI. NiceLabel uses this method for encryption of sensitive data in web.config files for Web-based NiceLabel software.

[en] To run NiceLabel on government Windows computers, list NiceLabel as excluded software. Disable FIPS mode when you work with NiceLabel.

[en] Additional reading: