V2.9 — Cryptographic Verifier
Cryptographic Verifier: 3 L3 requirement(s). V2.9.1: Verify that cryptographic keys used in verification are stored securely and protected against disclosure, such as using ... V2.9.2: Verify that the challenge nonce is at least 64 bits in length, and statistically unique or unique over the lifetime of t... V2.9.3: Verify that approved cryptographic algorithms are used in the generation, seeding, and verification.
| Property | Value |
|---|---|
| Section | V2.9 |
| Owner | platform |
Mapped Controls
| Control | Title |
|---|---|
| SID-CRYPTO-01 | PKCS#11 HSM Key Protection |
| SID-KEY-01 | WSCA WebSocket Key Signing Delegation |
Source: OWASP Application Security Verification Standard 4.0.3