Enforcing the FIPS mode of operation on a device
FIPS are computer-system standards that were developed by the United States federal government and specify requirements for security algorithms. The BlackBerry® device uses the AES cipher-based DRBG as the FIPS-validated random source. The device uses the FIPS 186-2 DSA PRNG as the non-FIPS random source. You can configure the Enforce FIPS Mode of Operation IT policy rule to specify whether a device must operate in FIPS mode.
You can also configure the Force Cryptographic Power Analysis Protection IT policy rule to specify whether a device must use algorithms that are protected against cryptographic power analysis (if available).
If the Enforce FIPS Mode of Operation IT policy rule or the Force Cryptographic Power Analysis Protection IT policy rule is enabled, the device displays this information in the Security Status Information section, in the Security options on the device.
For more information about using IT policy rules, see the BlackBerry Enterprise Server Policy Reference Guide. For more information about the DRBG function, see NIST Special Publication 800-90. For more information about the DSA PRNG function, see Federal Information Processing Standard - FIPS PUB 186-2.