v7 Cryptography at rest verification requirementsΒΆ
- 7.2 Crypto fails securely
- 7.6 Random numbers, file names, GUIDs and strings are sufficiently random
- 7.7 Crypto modules have been validated against FIPS 140-2 or equivalent
- 7.8 Crypto modules operate in their approved mode
- 7.9 Policy for cryptographic key management exists and is enforced
- 7.11 Cryptographic processes are isolated
- 7.12 PII is encrypted at rest and protected during communication
- 7.13 Keys and secrets are zeroed when destroyed
- 7.14 Secrets are replaceable and placed at installation
- 7.15 Random numbers are sufficiently random even under load