Reference Guide
Secure Operation of Crypto-C ME 41
RSA BSAFE Crypto-C Micro Edition 4.1.4 Security Policy Level 1
with Level 2 Roles, Services and Authentication
To comply with both roles database requirements the PIN must have a minimum of 73
random bits.
Minimum Password Length:
The minimum length (L) of a password generated using a cryptographically secure
random password generator to provide a search space of S entries depends on the size
(N) of the character set:
L= log
2
S/log
2
N
The following table provides some examples for:
• A password, used by the PBKDF, defined in SP 800-132: S = 3 x 10
17
• A password, used directly as the PIN by the KDF, used to secure the roles
database: S = 6 x 10
21
2.1.6 General Crypto User Guidance
Crypto-C ME users should take care to zeroize CSPs when they are no longer needed.
For more information on clearing sensitive data, see section 1.4.5 and the relevant API
documentation in the RSA BSAFE Crypto-C Micro Edition Developer Guide.
Character Set N
L
S = 3 x 10
17
S = 6 x 10
21
Case sensitive (a-z, A-Z) 52 11 13
Case sensitive alpha numeric 62 10 13
All ASCII printable characters except space 94 9 11