Canonical has been working with our testing lab partner, atsec information security, to prepare the cryptographic modules in Ubuntu 22.04 LTS (Jammy Jellyfish) for certification with NIST under the new FIPS 140-3 standard. The modules passed all of atsec’s algorithm validation tests and are in the queue awaiting NIST’s approval. We can’t predict when the FIPS modules will eventually be processed, but NIST updates the list of modules in their queue on a daily basis – and you can access the preview modules now.
FIPS 140-3 is a NIST standard for ensuring that cryptography has been implemented correctly, protecting users against common pitfalls such as misconfigurations or weak algorithms. All US Government departments, federal agencies, contractors and military groups are required to use FIPS validated crypto modules, and a number of industries have also adopted the FIPS 140 standard as a security best practice. A FIPS-compliant technology stack is therefore essential in these sectors, and Ubuntu provides the building blocks for a modern and innovative open source solution.
FIPS mode on Ubuntu
Ubuntu is a general purpose operating system which serves as a platform for millions of users around the world to build upon, and so we have chosen a set of libraries and utilities that have the widest usage and converted them to FIPS mode. We have disabled various disallowed algorithms and ciphers from the libraries, and made sure that they work by default in a FIPS compatible mode of operation. This means that you can easily comply with FIPS requirements by installing these modules.
We have converted these packages to FIPS mode:
- Linux kernel v5.15 – this provides a kernel cryptographic API as well as a validated source of entropy
- OpenSSL v3.0.2 – the most popular general purpose crypto library
- Libgcrypt v1.9.4 – another general purpose library based on code from GnuPG
- GnuTLS v3.7.3 – a secure communications library for protocols such as TLS
- strongSwan v5.9.5 – an IPsec VPN client
Pick your FIPS: Updates, Preview or Strict
When it comes to FIPS we inevitably face the dilemma of certified versions versus security patching: while regular security updates are essential for maintaining a secure system, NIST-certified FIPS modules are standardised at a fixed point in time and immediately start falling behind with security updates.
To address the concern that customers would otherwise be running FIPS-certified modules that contain known vulnerabilities, we provide an alternative path: fips-updates. This is where we apply the necessary security patches to the FIPS modules and assert that we have not altered the FIPS cryptographic functionality.
We strongly recommend that you choose fips-updates in the Pro client and receive the security updates – the vast majority of our customers select this option.
Once the modules are NIST certified they will become available in the strictly compliant Pro channel called fips. You should only use these if you have the most stringent auditing requirements for certified modules, as they will almost certainly contain known security vulnerabilities by the time they have come through the long certification process.
For the Ubuntu 22.04 LTS release we are providing a new, third channel for accessing the modules: fips-preview. Some compliance schemes such as FedRAMP require you to only deploy strictly FIPS-certified modules, except when a vendor has published a new version fixing a security vulnerability, in which case you can deploy the newly-patched version as long as the module is in NIST’s recertification queue.
It is worth noting that fips-preview will still generally not provide comprehensive and up-to-date security patched modules, whereas with fips-updates we can apply fixes to the modules right away. Submitting modules to NIST for recertification necessarily introduces a lag due to bureaucracy, paperwork and testing costs, and we can’t provide any guarantees when modules will be repackaged for recertification.
How to get access
You can get access to the FIPS modules by using the Pro client command-line tool, which is built into all recent versions of Ubuntu (it used to be known as ubuntu-advantage, or “ua”). As FIPS is a Pro feature, you’ll need to first get a Pro token. This is as simple as signing up with an email address (we promise not to spam you) and attaching the token to your client.
Armed with your token, first ensure the system is fully up to date:
$ sudo apt update && sudo apt -y upgrade
Next, attach your Pro token (paste in the actual token):
$ sudo pro attach [C11AAAA1A1AAAAAAA1AAAAA11AA1AA]
Now that the token is attached, you can see two options for enabling the FIPS modules: fips-preview and fips-updates. Enable fips-updates using the Pro client:
$ sudo pro enable fips-updates
This command configures the system into FIPS mode and installs the relevant modules.
To check what has been enabled, use the Pro client:
$ sudo pro status
SERVICE          ENTITLED  STATUS    DESCRIPTION
anbox-cloud      yes       disabled  Scalable Android in the cloud
esm-apps         yes       enabled   Expanded Security Maintenance for Applications
esm-infra        yes       enabled   Expanded Security Maintenance for Infrastructure
fips-updates     yes       enabled   FIPS compliant crypto packages with stable security updates
livepatch        yes       warning   Current kernel is not supported
realtime-kernel* yes       disabled  Ubuntu kernel with PREEMPT_RT patches integrated
usg              yes       disabled  Security compliance and audit tools
You can verify that the FIPS kernel is running:
$ uname -a
Linux jammy 5.15.0-73-fips #80+fips1-Ubuntu SMP Thu Jun 1 20:57:42 UTC 2023 x86_64 x86_64 x86_64 GNU/Linux
In FIPS mode, the kernel provides a system-wide flag that applications and users can check:
$ cat /proc/sys/crypto/fips_enabled
1
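The three checks above (the kernel flag, the -fips kernel release and the `pro status` STATUS column) are what an auditor or a configuration-management run actually needs to assert, so here they are combined into one script. This is an added example, not Canonical's code: the function names (`fips_flag`, `kernel_is_fips`, `pro_service_status`, `fips_verdict`, `fips_report`) are hypothetical, and the only facts it relies on are the /proc path, the -fips release suffix and the `pro status` column layout shown in this post. The sample `pro status` lines used to exercise the parser are constructed from that output.

```shell
#!/bin/sh
# Added example (not Canonical's code): verify a host's FIPS state from the
# three signals the post describes. Assumes the `pro status` column order
# SERVICE ENTITLED STATUS DESCRIPTION, as shown in the post.

# Print the FIPS flag read from a sysctl-style file. Defaults to the live
# kernel flag and prints 0 when the file is absent (non-FIPS or non-Linux).
fips_flag() {
    f="${1:-/proc/sys/crypto/fips_enabled}"
    if [ -r "$f" ]; then
        tr -d '[:space:]' < "$f"
    else
        echo 0
    fi
}

# Succeed when a kernel release string (as printed by `uname -r`) names a
# FIPS kernel, e.g. 5.15.0-73-fips; fail for -generic, -hwe and friends.
kernel_is_fips() {
    case "$1" in
        *-fips*) return 0 ;;
        *)       return 1 ;;
    esac
}

# Read `pro status` output on stdin and print the STATUS column for the
# service named in $1 (prints nothing if the service is not listed).
pro_service_status() {
    awk -v svc="$1" '$1 == svc { print $3; exit }'
}

# Combine the three signals into one verdict. Arguments: fips_enabled flag,
# kernel release, STATUS of the Pro FIPS service. Prints one line per check
# and returns 0 only when all three pass, so it can gate a deployment.
fips_verdict() {
    flag="$1"; release="$2"; pro_state="$3"
    rc=0
    if [ "$flag" = 1 ]; then
        echo "fips_enabled flag ...... 1 (ok)"
    else
        echo "fips_enabled flag ...... ${flag:-unreadable} (FAIL)"; rc=1
    fi
    if kernel_is_fips "$release"; then
        echo "running kernel ......... $release (ok)"
    else
        echo "running kernel ......... $release (FAIL: not a -fips kernel)"; rc=1
    fi
    if [ "$pro_state" = enabled ]; then
        echo "pro FIPS service ....... $pro_state (ok)"
    else
        echo "pro FIPS service ....... ${pro_state:-not listed} (FAIL)"; rc=1
    fi
    return "$rc"
}

# Gather the live values for this host. $1 selects the Pro channel to check
# (fips-updates by default; use fips or fips-preview as appropriate). The pro
# client only exists on Ubuntu, so its absence is reported as "not listed".
fips_report() {
    svc="${1:-fips-updates}"
    if command -v pro >/dev/null 2>&1; then
        state=$(pro status 2>/dev/null | pro_service_status "$svc")
    else
        state=""
    fi
    fips_verdict "$(fips_flag)" "$(uname -r)" "$state"
}

# Report on this host; a machine that is not in FIPS mode prints FAIL lines.
fips_report || echo "verdict: this host is not in FIPS mode"
```

Run it as-is on a host after `pro enable fips-updates`; on a machine using the strict channel, call `fips_report fips` instead. The verdict is deliberately an AND of all three signals, since a FIPS userspace on a generic kernel (or the reverse) is exactly the mismatch the post warns about.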
Path to full certification
When the modules are fully certified, they will become available in the strict fips channel within the Pro client. The fips-updates and fips-preview channels will remain as they are, so if you are using these to test the pre-certified modules nothing will change from the perspective of the Pro client when NIST issues the certificates, apart from the knowledge that the modules have been approved.
If you encounter any issues or difficulties when integrating the preview modules, please do let us know via Launchpad. For example, you can raise a bug against OpenSSL here. Alternatively, if you have a support contract with us then get in touch via the Support Portal.
What is Ubuntu Pro?
Ubuntu Pro is a set of security and compliance features built on top of the regular Ubuntu, and the FIPS packages are part of Ubuntu Pro. We have a detailed FAQ all about Ubuntu Pro here.
Will FIPS work with the latest hardware?
Canonical publishes Long Term Support (LTS) releases every 2 years, but for each interim release (every 6 months) we also make that latest kernel package available for the most recent LTS release as a Hardware Enablement (HWE) kernel, allowing customers to benefit from the latest hardware support whilst still using the LTS release. By default, Desktop installations will use the latest HWE kernel, while Server installations will stick to the generic LTS kernel. The 22.04 LTS FIPS kernel is derived from the generic version 5.15. If the 5.15 kernel works on your hardware, the FIPS kernel should also work.
Check your kernel version using uname -a. To downgrade to the generic version use sudo apt install --install-recommends linux-generic and check that the system behaves correctly.
Can I use FIPS in containers?
Yes, you can deploy FIPS modules in containers and run them in FIPS mode, provided that the host system has a FIPS kernel of the same release. You can learn more in this blog post. The reason that the kernel should be the same release as the modules is that our FIPS userspace libraries get their random numbers (the entropy) from the kernel, and the modules are certified to work in tandem.
Why isn’t SSH included in the modules?
We provide a version of SSH (both client and server) that links to the FIPS OpenSSL library, so that the SSH packages don’t need to be certified individually. This means that we can provide security updates for SSH without being constrained by the FIPS process. These SSH packages are modified versions of the regular Ubuntu SSH packages, and the Pro client will seamlessly ensure that the right packages are installed if required.
We encourage everyone who has a need for FIPS cryptography to enable the preview FIPS modules in Ubuntu 22.04 LTS and take them for a test run. If you have any questions or feedback about the modules, or would like to know more about Ubuntu Pro in general and how Canonical can support your security and compliance requirements, please get in touch.