FOMRedux includes the following enhancements to the original FOM source code:

• Fully conforms to startup requirements from IG9.5 and IG9.10
• Fully compliant with 800-131A
  • SHA-1 disallowed with Asymmetric Sign
  • RSA and DSA 1024-bit keys disallowed
  • ECDSA curves P-192, B-192, and K-192 are disallowed
  • RSA Key Generation updated to conformance with FIPS 186-4
• GMAC algorithm patched and available
• Updated built-in algorithm test harness to current file formats
• Updated built-in functional test harness to demonstrate current capabilities

In addition to the algorithm and compliance updates, FOMRedux is faster than the original. In the years since the initial validation, many assembly language enhancements were made to the non-FIPS source tree of OpenSSL. Among these are accelerations for AES, SHA, and BIGNUM math for x86_64, ARM, SPARC, and more.

Many of these assembly code optimizations have been ported into FOMRedux, bring the FOM to closer performance parity with the non-FIPS version. Additional optimizations can be ported in to meet vendor needs.

With FOMRedux, you can customize additional behaviors of OpenSSL to meet special use cases:

• Assembly language accelerations for additional processors
• Auto-start in FIPS-mode and/or disable non-FIPS mode
• Algorithm limitations (e.g. only SHA-512)
• Custom branding and logging

The module is available for license, with a complete FIPS documentation set, for a quick and easy custom Private Label validation. We have partnered with a validation lab that can offer discounted pricing on the validation of the Thinqsoft-modified source.

Please contact us if you would like more information on licensing the module for private label validation.