FIPS-compliant service mesh

Note: The default version of Service Mesh Manager is built with the standard SSL libraries. To use a FIPS-compliant version of Istio, see Install FIPS images.

FIPS compliance overview

The Istio distribution of Service Mesh Manager provides compliance with the rules for cryptographic modules of FIPS 140-2 Security Level 1. To achieve this, Service Mesh Manager provides the following measures:

  • Service Mesh Manager is built using a FIPS-compliant library (BoringCrypto).
  • Envoy is built with the same FIPS-compliant library (BoringCrypto).
  • Service Mesh Manager delivers a custom Istio build, using the same FIPS-compliant library (BoringCrypto).
  • For certificate management, Service Mesh Manager uses a version of cert-manager built with the same FIPS-compliant library (BoringCrypto).
  • Service Mesh Manager is tested with FIPS 140-2 compliant cipher suites (and rejects anything else).
  • Although FIPS 140 allows other ciphers, Service Mesh Manager enables only GCM ciphers, because only those can prevent the SSL LUCKY13 timing attack.
  • BoringSSL is a fork of OpenSSL that is designed to meet Google’s needs. BoringSSL as a whole is not FIPS validated. However, there is a core library (called BoringCrypto) that has been FIPS validated.

FIPS 140-2 compliant Service Mesh Manager TLS settings

Allowed TLS versions

  • TLS v1.2
  • TLS v1.3

Although FIPS 140-2 would allow lower TLS versions under some circumstances, we disabled them for security reasons. TLS 1.0 and 1.1 are out-of-date protocols that do not support modern cryptographic algorithms, and they contain security vulnerabilities that may be exploited by attackers. The IETF is also planning to officially deprecate both protocols. In addition, the vast majority of encrypted Internet traffic is now over TLS 1.2, which was introduced over a decade ago.

Allowed FIPS compatible ciphers

  • ECDHE-RSA-AES128-GCM-SHA256
  • ECDHE-RSA-AES256-GCM-SHA384
  • ECDHE-ECDSA-AES128-GCM-SHA256
  • ECDHE-ECDSA-AES256-GCM-SHA384
  • AES128-GCM-SHA256
  • AES256-GCM-SHA384

There are more ciphers allowed by FIPS 140-2. We only enable GCM ciphers, because only those ciphers can prevent a LUCKY13 timing attack.

Allowed Elliptic-curve algorithm

  • P-256
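
As an added example (not part of the Service Mesh Manager documentation or code), the following Python function audits a captured `openssl s_client` transcript against the TLS versions, ciphers and curve listed above. Assumptions: the `New, ..., Cipher is ...` and `Server Temp Key:` line formats (they can differ between OpenSSL releases), the constructed sample transcripts, and applying the GCM-only rule to TLS 1.3 suite names, which this page does not list.

```python
import re

# Policy values copied from the lists on this page.
ALLOWED_VERSIONS = {"TLSv1.2", "TLSv1.3"}
ALLOWED_TLS12_CIPHERS = {
    "ECDHE-RSA-AES128-GCM-SHA256", "ECDHE-RSA-AES256-GCM-SHA384",
    "ECDHE-ECDSA-AES128-GCM-SHA256", "ECDHE-ECDSA-AES256-GCM-SHA384",
    "AES128-GCM-SHA256", "AES256-GCM-SHA384",
}
# OpenSSL prints the P-256 curve under different names depending on version.
P256_NAMES = {"P-256", "prime256v1", "secp256r1"}

# Assumed s_client line formats; adjust if your OpenSSL release prints others.
NEGOTIATED = re.compile(r"^New, (\S+), Cipher is (\S+)", re.M)
TEMP_KEY = re.compile(r"^Server Temp Key: (.+)$", re.M)

# Constructed sample transcripts, trimmed to the lines the audit reads.
SAMPLE_OK = ("Server Temp Key: ECDH, P-256, 256 bits\n"
             "New, TLSv1.2, Cipher is ECDHE-RSA-AES128-GCM-SHA256\n")
SAMPLE_BAD = ("Server Temp Key: X25519, 253 bits\n"
              "New, TLSv1.2, Cipher is ECDHE-RSA-AES128-SHA\n")

def audit_handshake(transcript):
    """Return the policy violations found in one s_client transcript."""
    m = NEGOTIATED.search(transcript)
    if not m or m.group(2) == "(NONE)":   # handshake was refused
        return ["no completed handshake"]
    version, cipher = m.groups()
    findings = []
    if version not in ALLOWED_VERSIONS:
        findings.append(f"protocol {version} is not allowed")
    if version == "TLSv1.3":
        # Assumption: apply the page's GCM-only rule to TLS 1.3 suite names.
        if "_GCM_" not in cipher:
            findings.append(f"cipher {cipher} is not a GCM suite")
    elif cipher not in ALLOWED_TLS12_CIPHERS:
        findings.append(f"cipher {cipher} is not on the allowed list")
    key = TEMP_KEY.search(transcript)
    if key:  # absent for static-RSA suites such as AES128-GCM-SHA256
        fields = {f.strip() for f in key.group(1).split(",")}
        if not P256_NAMES & fields:
            findings.append(f"key exchange '{key.group(1).strip()}' does not use P-256")
    return findings

if __name__ == "__main__":
    for name, text in (("ok", SAMPLE_OK), ("bad", SAMPLE_BAD)):
        print(name, audit_handshake(text) or "compliant")
```

An empty list means the negotiated parameters match the policy; a refused handshake is reported separately so that a probe made with a disallowed cipher can be told apart from a compliant connection.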

Installation

To install a FIPS-compliant version of Istio, see Install FIPS images.