- Type: Improvement
- Resolution: Duplicate
- Priority: Major - P3
- None
- Affects Version/s: 2.2.0
- Component/s: Security
- Environment: Windows Server 2008 with FIPS-140 Policy Enabled
MD5 is not an approved algorithm for the Federal Information Processing Standards; however, FIPS-140 compliance is a requirement for many federal government software projects. A list of approved algorithms may be found here:
http://csrc.nist.gov/groups/ST/toolkit/secure_hashing.html
Because MongoDB authentication uses MD5 hashing for the message digest, there is no way to meet FIPS-140 compliance with authentication enabled.
In order to meet FIPS compliance, please add support for an alternative hashing algorithm to be optionally enabled in the server. Client drivers should follow suit. For example, a new option --authAlgorithm=HMACSHA256 could instruct the server to use the approved HMAC+SHA256 algorithm for the authentication message digest. I recommend this as an option rather than simply switching entirely from MD5 to HMAC+SHA256 because this would break existing clients until all drivers could upgrade.
Here is a bit more background in order to recreate the issue:
This affects servers and client libraries, and is simple to recreate by setting this registry bit on a Windows machine to 1 (enabled):
HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled
With this set, components that use non-compliant algorithms should fail. The .NET client will throw an exception when attempting to create the message digest for authentication. Other drivers may or may not adhere to the policy, depending on whether their underlying crypto implementations or runtime libraries check for this.
It is also worth noting that the MongoDB Server does not appear to check for the FIPS policy setting on Windows, and as such, even though this registry setting is enabled when running mongod.exe server on a Windows host, MongoDB continues to use MD5 hashing during the authentication process. Not adhering to this policy in mongod.exe on Windows Servers with FIPS enabled may also cause MongoDB to fail a FIPS audit. As such, it's also recommended that you use a cryptography library that has gained the FIPS-140 certification and adheres to this policy on Windows.
- related to
  - SERVER-7648 Support Use of FIPS 140-2 Compliant Crypto Library (Closed)
  - CSHARP-573 Change MD5 Hash for Machine Key to Something FIPS Compliant (Closed)
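
An audit check for the condition this ticket describes, added here as an example and not taken from the report, the server or any MongoDB driver: it reads the FIPSAlgorithmPolicy\Enabled value named above and then asks the local .NET runtime to construct and use MD5, SHA256 and HMACSHA256, reporting which ones it refuses. The helper names Get-FipsPolicyEnabled and Test-HashFactory and the sample input string are assumptions made for this example.

```powershell
# Added example: compare the Windows FIPS policy flag with what the local
# .NET runtime actually permits. Not code from the report or from MongoDB.
$FipsKey = 'HKLM:\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy'

function Get-FipsPolicyEnabled {
    # $true when the Enabled value named in the report is set to 1.
    $p = Get-ItemProperty -Path $FipsKey -Name Enabled -ErrorAction SilentlyContinue
    return ($null -ne $p -and $p.Enabled -eq 1)
}

function Test-HashFactory {
    # Hypothetical helper: build the algorithm, hash a constructed sample,
    # and report whether the runtime allowed it.
    param([string]$Name, [scriptblock]$Factory)
    try {
        $alg = & $Factory
        $sample = [System.Text.Encoding]::UTF8.GetBytes('constructed-sample')
        $null = $alg.ComputeHash($sample)
        $alg.Clear()
        return ('{0,-11} available' -f $Name)
    } catch {
        # PowerShell wraps .NET exceptions; walk down to the root cause.
        $ex = $_.Exception
        while ($ex.InnerException) { $ex = $ex.InnerException }
        return ('{0,-11} blocked ({1}: {2})' -f $Name, $ex.GetType().Name, $ex.Message)
    }
}

"Registry policy enabled               : $(Get-FipsPolicyEnabled)"
"CryptoConfig.AllowOnlyFipsAlgorithms  : $([System.Security.Cryptography.CryptoConfig]::AllowOnlyFipsAlgorithms)"
"CLR version                           : $([System.Environment]::Version)"

# MD5 is the digest the report says authentication depends on;
# HMACSHA256 is the alternative the report proposes.
Test-HashFactory 'MD5'        { [System.Security.Cryptography.MD5]::Create() }
Test-HashFactory 'SHA256'     { [System.Security.Cryptography.SHA256]::Create() }
Test-HashFactory 'HMACSHA256' { New-Object System.Security.Cryptography.HMACSHA256 }
```

Run it in Windows PowerShell, which uses the .NET Framework the report refers to; newer .NET runtimes leave policy enforcement to the operating system and may report MD5 as available even with the registry value set.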