This work is licensed under a Creative Commons Attribution-NoDerivatives 4.0 International License.
Technical resources and implementation notes addressing security when using the FIX Protocol.
The documents provided below have been reviewed or produced by the Global Technical Committee’s Information Security Subcommittee.
FIX Security White Paper v1.9 700.29 KB 2513 downloads July 23, 2017
The "FIX Security White Paper (v1.9)" is intended to provide FIX Trading Community members with some of the common questions and answers regarding computer and network security when using FIX. Its scope is limited to the FIX Protocol and transmission of FIX messages between parties; issues such as security of operating systems, internal applications, databases, etc., are outside the scope of this document.
FIXS Stunnel User Guide for FIX Applications 133.14 KB 1218 downloads August 18, 2017
FIX-over-TLS (FIXS) Stunnel User Guide for FIX Applications - this guide is intended to allow anyone to get started with FIXS, whilst the FIXS specification is applicable to all TLS implementations.
PGP-DES_MD5 and PEM-DES-MD5 Overview 25.50 KB 362 downloads February 17, 1996
This application note addresses Authentication, Confidentiality and Integrity for data transmitted between two parties. It describes the protocol for Key Exchange, Data Encryption of selected fields in the FIX message, and Data Integrity for the entire FIX message. Written and contributed by Morgan Stanley in 1995 and 1996.
PGP-DES-MD5 and PEM-DES-MD5 Implementation 224.00 KB 262 downloads June 2, 2017
The files included in this distribution are an implementation of the FIX security protocol. Written and contributed by Morgan Stanley in 1995 and 1996. (TAR, 224KB) [May 24, 1996]
Stunnel Universal SSL Wrapper
Stunnel is a program that allows you to encrypt arbitrary TCP connections inside SSL (Secure Sockets Layer) available on both Unix and Windows. Stunnel can be used to securely wrap unencrpyted FIX traffic. The Stunnel source code is not a complete product — you still require a functioning SSL library such as OpenSSL or SSLeay in order to compile stunnel. This means that stunnel can support whatever (and only) that which your SSL library can, without making any changes in the Stunnel code. The Stunnel source code is available under the GNU General Public License.
Information Security Presentations
Encryption Working Group Presentation - July 24, 2000 768.50 KB 256 downloads July 24, 2000
This document has been revised to correct errors in the presentation and add additional information relating to CA infrastructure addressed at the meeting.
This document describes the the proper way to conduct a multicast session for market data distribution using FIX message formats