The mobile operating system must produce, control, and distribute cryptographic keys using NIST or NSA approved key management technology and processes if it produces, controls, or distributes cryptographic keys.

Changes are coming to https://stigviewer.com. Take our survey to help us understand your usage and how we can better serve you in the future.
Take Survey

The mobile operating system must produce, control, and distribute cryptographic keys using NIST or NSA approved key management technology and processes if it produces, controls, or distributes cryptographic keys.

Overview

Finding ID	Version	Rule ID	IA Controls	Severity
V-33147	SRG-OS-000165-MOS-000085	SV-43545r1_rule		Medium

Description
Cryptographic key management and establishment can be performed using manual procedures or automated mechanisms with supporting manual procedures. NIST technology and processes must be used for unclassified applications and data. NSA technology and processes must be used for classified applications and data.

STIG	Date
Mobile Operating System Security Requirements Guide	2013-04-12

Details

Check Text ( C-41407r1_chk )
Check that the operating system uses NIST and NSA approved cryptographic key management technology and processes if it produces, controls, or distributes cryptographic keys.

Fix Text (F-37047r1_fix)
Configure the operating system to use NIST and NSA approved cryptographic key management processes.