Encryption Plus Cryptographic Library Security Policy
© 2006 GuardianEdge Technologies Inc.
Page 3
Introduction
This is the non-proprietary security policy for the Encryption Plus® Cryptographic Library ("EPCL"),
which is part of the Encryption Plus and Encryption Anywhere families of computer security products
from GuardianEdge Technologies Inc. This security policy fulfills the requirements given in Federal
Information Processing Standards Publication 140-2 (FIPS 140-2) Appendix C, as published by the
National Institute of Standards and Technology (NIST) of the United States Department of Commerce.
The EPCL is a compact and fast encryption library that provides an Application Programming
Interface (API) featuring NIST-approved AES encryption, SHA-1 hashing, HMAC-SHA-1, and
pseudo random number generation. This document outlines the functionality provided by the EPCL
and provides high-level details on the means by which the EPCL satisfies FIPS 140-2 requirements. It
describes the various services offered by the EPCL and the mechanisms provided to ensure that these
services meet the FIPS 140-2 level 1 requirements.
This security policy is one part of the FIPS 140-2 submission package, which contains additional
vendor evidence and source code listings. The entire EPCL submission package is copyright 2006
GuardianEdge Technologies Inc. This document, however, may be freely distributed in an unmodified
form.
For more information about the Encryption Plus and Encryption Anywhere lines of products, please
visit www.guardianedge.com
For more information on NIST and the Cryptographic Module Validation Program, please visit
http://www.nist.gov/cmvp/
1. EPCL Overview
The EPCL provides cryptographic services to the Encryption Plus and Encryption Anywhere families
of computer security products. For the purposes of FIPS 140-2 validation, the library is provided as a
32-bit dynamically linked library (DLL) that runs on Microsoft Windows operating systems
(Windows). The EPCL is supported on Windows 95/98/ME/NT 4.0/2000/XP on Intel-compatible
platforms and was tested on Windows 2000 (SP 4). EPCL is a software-only module that runs on a
multi-chip standalone device. The software library is contained in a single file, EPCL32.DLL. It is
intended to meet the requirements of FIPS 140-2 security level 1.
For the purposes of this document, the DLL version of the EPCL is referred to as the "EPCL", the
"library", or the "module".
The operational test platform for the purposes of FIPS 140-2 validation was a General Purpose
Computer.
Cryptographic Boundary
The physical cryptographic boundary for the EPCL is defined as the enclosure of the computer on
which the cryptographic module is installed. The logical boundary is defined as the EPCL32.DLL
library.