Federal Information Processing Standard 140 (FIPS 140) defines approved cryptographic algorithms for computer systems used by the U.S. federal government. The current version of the standard is FIPS 140-2. Cryptographic algorithms can be validated as FIPS certified through the Cryptographic Module Validation Program (CMVP).
Applications using PowerTCP SSH and SFTP for .NET are by default FIPS 140-2 compliant. Only FIPS certified algorithms are used when required by the system's security policy, even if the Connection.Client2ServerCiphers array is changed by the developer. Dart offers Subscriptions which include source code for users who wish to obtain FIPS validation through a CMVP vendor.
The following registry settings are used to inform applications to only use cryptographic algorithms that are FIPS 140 compliant. To enable these settings, set their values to 1.
For Windows 2008, Vista, Windows 7 and Windows 8:
HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy\Enabled
For Windows Server 2003 and XP:
HKLM\System\CurrentControlSet\Control\Lsa\FIPSAlgorithmPolicy