Public Key Infrastructure (PKI) of ANF AC
APPROVED DEVICES

The device approval process is carried out by the ANF AC´s Engineering Department. The main objective of the process is to verify:
- If it complies with the norms and standards in this area.
- It is interoperable with applications distributed by ANF AC.
Cryptographic Components:
- Signature algorithm: SHA-256WithRSAEncryption
- Digestion algorithm: SHA-256 y SHA-512
- Key length: 1024 bits, 2048 bits and 4096 bits
- Symmetric encryption algorithm: AES
- Asymmetric encryption algorithm: RSA
Cryptographic API’s:
BouncyCastle:
- Open SSL- ANF CryptoToken
- ANF AC WSI (ANF AC Web Signature and Identification)
- ANF AC Certificate Practice Statement (CPS)
Cryptographic API’s:
PKCS # 11 of ANF AC:
- Cryptographic Module (HSM) - Issuer of Certificates
- Thales (nCipher)
- Cryptographic Module (HSM) – End user
Download Certification
ID-One Cosmo V7.0-n EAL 5+
Download Certification
In the approval process, the recommendations published by:
- IETF RFC 3279, updated by RFC 4055, RFC 4491, RFC 5480, RFC 5758 Algorithms and Identifiers for the Internet X.509 Public Key Infrastructure. Certificate and Certificate Revocation List (CRL) Profile.
- IETF RFC 4055: Additional Algorithms and Identifiers for RSA Cryptography for use in the Internet X.509 Public Key Infrastructure Certificate and Certificate Revocation List (CRL) Profile. Updated by RFC 5756 Updates for RSAES-OAEP and RSASSA-PSS Algorithm Parameters.
- CAB FORUM.
- National Institute of Standards and Technology (NIST)are taken into account.
NOTICE: http://csrc.nist.gov/groups/ST/hash/policy.html