SP 800-108 Key-Based Key Derivation Functions (KBKDF) Validation List

Last Update: 7/24/2015

Overview

The page provides technical information about implementations that have been validated as conforming to the key-based key derivation functions as approved in "Special Publication 800-108 Recommendation for Key Derivation Using Pseudorandom Functions (Revised) dated October 2009.

The list below describes implementations which have been validated as correctly implementing the KBKDF algorithm, using the validation tests found in " The SP800-108 Key Derivation Function Validation System (KBKDFVS).The testing is handled by NVLAP-accredited Cryptographic And Security Testing (CST) Laboratories.

The implementations below consist of software, firmware, hardware and any combination thereof. The National Institute of Standards and Technology (NIST) has made every attempt to provide complete and accurate information about the implementations described in this list. However, due to the possibility of changes made within individual companies, NIST cannot guarantee that this list reflects the current status of each implementation. It is the responsibility of the vendor to notify NIST of any necessary changes to its entry in the following list. In addition to a general description of each product, this list mentions the features that were tested as conforming to the KBKDF; these features are listed on the validation that is issued to the vendor. The following notation is used to describe the implemented features that were successfully tested.

Legend for Description Field

Mode: [Counter Mode] [Feedback Mode] [Double-Pipeline Iteration Mode] Families of KDF
MACSupported([CMACAES128][CMACAES192] [CMACAES256] [CMACTDES2] [CMACTDES3] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512]) Pseudorandom Function (PRF) used to compute the keying material
Llength(Values tested) Length of the derived keying material
ZeroLenIVSupported([True] [False]) Required ONLY for Feedback Mode
CounterUsedInData([True] [False]) Required in Feedback and Double-Pipeline Iteration Modes
rlength([8][16][24][32]) Length of the binary representation of the counter i.
LocationCounter
For CounterMode:([BeforeFixedData]
[AfterFixedData])
For Feedback and Double-Pipeline Iteration Modes:([BeforeIterationData]
[AfterIterationData] [AfterFixedData])
Location of counter in the data to be MACed.
Required for Counter Mode.
If CounterUsedInData = True for Feedback and/or Double-Pipeline Iteration Modes, this is required.

KBKDF Validated Implementations

Validation
No.
Vendor Implementation
Operational
Environment
Val.
Date
Modes/States/Key sizes/
Description/Notes
64 Rajant Corporation
400 East King Street
Malvern, PA 19355
USA

-Martin Lamb
TEL: (484) 595-0233 x409

Firmware v11.4.0-FIPS

Version 11.4.0-FIPS (Firmware)
Part # ME4-2409
Cavium CNS3420 7/10/2015 CTR_Mode: ( Llength( Min128 Max1024 ) MACSupported( [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
HMAC Val#2194

"The BreadCrumb by Rajant Corporation is an 802.11 (Wi-Fi) and Ethernet compatible wireless mesh networking device that allows for rapid deployment of mobile wireless networks in a wide variety of environments. It is lightweight, capable of communicating via up to four different radio frequencies, and is designed to be completely mobile."

62 Morpho
18 chausee Jules Cesar
Osny, France 95520
France

-Omar Derrouazi
TEL: +33158116971

IDeal CitizTM v2.0 Open

Part # SLE78C(L)FX4000P(M), SLE78C(L)FX3000P(M)
N/A 7/2/2015 CTR_Mode: ( Llength( Min16 Max32 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) rlength( [8] ) )
AES Val#2818

"The IDeal Citiz™ v2.0 Open is a single chip cryptographic module, which combines an implementation of the Sun Java Card Version 3.0.2 Classic Edition and GlobalPlatform Version 2.1.1 specifications on a dual interface chip (ISO 7816 contact and ISO 14443 contactless interface communication protocols)."

61 Rajant Corporation
400 East King Street
Malvern, PA 19355
USA

-Martin Lamb
TEL: (484) 595-0233 x409

Firmware v11.4.0-FIPS

Version 11.4.0-FIPS (Firmware)
Part # LX4-2495; LX4-2954
Intel XScale IXP435 6/26/2015 CTR_Mode: ( Llength( Min128 Max1024 ) MACSupported( [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
HMAC Val#2193

"The BreadCrumb by Rajant Corporation is an 802.11 (Wi-Fi) and Ethernet compatible wireless mesh networking device that allows for rapid deployment of mobile wireless networks in a wide variety of environments. It is lightweight, capable of communicating via up to four different radio frequencies, and is designed to be completely mobile."

60 Canon
One Canon Park
Melville, NY 11747
USA

-Jiuyuan Ge
TEL: 631-330-5774

Canon imageRunner Crypto Module for MEAP

Version 2.1.1
Intel Atom Processor D410 w/ MontaVista Linux 6/25/2015 CTR_Mode: ( Llength( Min0 Max1 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] [AfterFixedData] ) rlength( [8] [16] [24] [32] ) )
AES Val#3442 DRBG Val#840 HMAC Val#2191

"Canon imageRUNNER Crypto Module for MEAP is a cryptographic module which protects stored and transmitted data using FIPS approved cryptographic algorithms."

59 Athena Smartcard Inc.
16615 Lark Ave.
Suite 202
Los Gatos, CA 95032
USA

-Stephanie Motre
TEL: (408) 884-8316
FAX: (408) 884-8320

Athena OS755 SP 800-108 KDF Component For SLE78

Version I1.0 (Firmware)
Part # SLE78
Infineon SLE78 6/25/2015 CTR_Mode: ( Llength( Min16 Max16 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) rlength( [8] ) )
AES Val#3435

"Athena OS755 is a GlobalPlatform Java Card smart card operating system implementing KDF."

58 Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade ICX 7450

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
n/a 6/25/2015 CTR_Mode: ( Llength( Min16 Max0 ) MACSupported( [CMACAES128] ) LocationCounter( [BeforeFixedData] ) )
AES Val#3438

"The Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX 7450 delivers wire-speed, non-blocking performance across all ports to support latency-sensitive."

57 Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

MiniHSM Algorithm Library

Version 2.60.1 (Firmware)
Freescale DragonBall MXL 6/11/2015 CTR_Mode: ( Llength( Min16 Max16 ) MACSupported( [CMACAES256] ) LocationCounter( [BeforeFixedData] ) )

"The MiniHSM Algorithm Library provides cryptographic functionality for the MiniHSM series of Thales hardware security modules."

56 Thales e-Security Inc.
900 South Pine Island Road
Suite 710
Plantation, FL 33324
USA

-sales@thalesesec.com
TEL: 888-744-4976

nShield Algorithm Library

Version 2.60.1 (Firmware)
Freescale PowerPC 6/5/2015 CTR_Mode: ( Llength( Min16 Max16 ) MACSupported( [CMACAES256] ) LocationCounter( [BeforeFixedData] ) rlength( [8] ) )
AES Val#3420 DRBG Val#825

"The nShield algorithm library provides cryptographic functionality for Thales nShield Hardware Security Modules"

55 N/A N/A N/A 5/29/2015 N/A
54 SPYRUS Inc.
1860 Hartog Drive
San Jose, CA 95131-2203
USA

-William Sandberg-Maitland
TEL: 613-298-3416

SPYRUS USB-3 Module

Version 3.0 (Firmware)
Part # 116-450001-01
SPYRUS USB-3 Module 5/22/2015 CTR_Mode: ( Llength( Min64 Max64 ) MACSupported( [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [8] ) )
DRBG Val#658 HMAC Val#1913

"SPYRUS USB-3 is a hardware cryptographic module that enables security critical capabilities such as user authentication, message privacy, integrity and secure storage in rugged, tamper-evident form factor. The SPYRUS USB-3 Module communicates with a host computer via the standard USB interface."

53 Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team
TEL: d

CiscoSSL FIPS Object Module

Version 6.0
Cavium Octeon MIPS64 w/ Linux 2.6; Intel Xeon w/ FreeBSD 9.2 5/22/2015 CTR_Mode: ( Llength( Min0 Max48 ) MACSupported( [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
DRBG Val#818 HMAC Val#2173

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of"

06/01/15: Added new tested information;

52 Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team
TEL: d

CiscoSSL FIPS Object Module (Assembler)

Version 6.0
Intel Xeon w/ Linux 2.6; Cavium Octeon MIPS64 w/ Linux 2.6; ARMv7 w/ Android 4.4; Intel Core i7 w/ Windows 8.1; Intel Core i7 with AES-NI w/ Windows 8.1 5/22/2015 CTR_Mode: ( Llength( Min0 Max48 ) MACSupported( [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
DRBG Val#817 HMAC Val#2172

"The Cisco FIPS Object Module is a software library that provides cryptographic services to a vast array of Cisco''s networking and collaboration products."

06/01/15: Updated implementation information;

51 N/A N/A N/A 5/15/2015 N/A
50 Redpine Signals, Inc.
2107 North First Street Suite #680
San Jose, CA 95131-2019
USA

-Mallik Reddy
TEL: +1 408 219 7868
FAX: +1 408 705 2019

RSICryptoLib

Version RSICryptoLib_1_0 (Firmware)
Part # Redpine ThreadArch
N/A 3/27/2015 CTR_Mode: ( Llength( Min160 Max320 ) MACSupported( [HMACSHA1] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
HMAC Val#2003

"Algorithm routines implemented in RSICryptoLib"

49 Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS Common Cryptographic Module (IC2M) Algorithm Module

Version 2.1 (Firmware)
Freescale 8752E; Cavium CN5020; Cavium CN5220; MPC8358E; MPC8572C; SC8548H; Intel Xeon 3/20/2015 CTR_Mode: ( Llength( Min0 Max48 ) MACSupported( [HMACSHA1] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
DRBG Val#481

"IOS Common Crypto Module"

48 Samsung Electronics co., Ltd.
95, samsung 2-ro
Giheung-gu
Yongin-si, Gyeonggi-do 446-711
Korea

-Jinsu Hyun
TEL: 82-31-8037-3737

Security Sub-System(SSS) V6.7_2

Part # 1.0
N/A 3/13/2015 CTR_Mode: ( Llength( Min0 Max32 ) MACSupported( [HMACSHA256] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
HMAC Val#2057

"SSS is the cryptographic hardware module of Samsung Exynos. This module implements block ciphers (AES and TDES), hashes (SHA-1, SHA-256, SHA-384 and SHA-512), message authentication codes (HMAC and CMAC) and a pseudo random number generator (DRBG)."

47 Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: +1 830 850 1544

ArubaOS OpenSSL Module

Version 6.4.3-FIPS (Firmware)
x86-64 3/13/2015 CTR_Mode: ( Llength( Min32 Max64 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA384] ) LocationCounter( [AfterFixedData] ) rlength( [16] ) )
HMAC Val#2055

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

46 Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Steve Weingart
TEL: +1 830 850 1544

ArubaOS Common Cryptographic Module

Version 6.4.3-FIPS (Firmware)
x86-64 3/13/2015 CTR_Mode: ( Llength( Min32 Max64 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA384] ) LocationCounter( [AfterFixedData] ) rlength( [16] ) )
HMAC Val#2054

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

45 Draeger Medical Systems, Inc.
6 Tech Drive
Andover, MA 01810
USA

-Michael Robinson
TEL: +1 978 379 8000
FAX: +1 978 379 8538

DRAEGER WCM9113 802.11ABGN VG2

Version VG2 (Firmware)
Part # MS32018
N/A 3/13/2015 CTR_Mode: ( Llength( Min160 Max320 ) MACSupported( [HMACSHA1] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
HMAC Val#2026

"Algorithm routines implemented in the DRAEGER WCM9113 802.11ABGN VG2"

03/26/15: Updated implementation information;

44 VASCO Data Security International, Inc.
Koningin Astridlaan 164
Wemmel, Vlaams-Brabant 1780
Belgium

-Frederik Mennes
TEL: +32 2 609 97 00
FAX: +32 2 609 97 09

KDF Component

Version 1.15 (Firmware)
Samsung S3P72N4 microcontroller 3/6/2015 CTR_Mode: ( Llength( Min0 Max16 ) MACSupported( [CMACAES128] ) LocationCounter( [BeforeFixedData] ) rlength( [8] ) )
AES Val#3217

"KDF Component implements key derivation using CMAC AES-128 in Counter Mode with 8-bit counter, 16-byte Ko, and counter before the fixed input data."

04/13/15: Updated implementation information;

43 Feitian Technologies Co., Ltd
Floor 17, Tower B, Huizhi Mansion, No.9 Xueqing Road
Haidian, Beijing 100085
China

-Tibi
TEL: (+86)010-62304466-821
FAX: (+86)010-62304477

-PENG Jie
TEL: (+86)010-62304466-419
FAX: (+86)010-62304477

FEITIAN-FIPS-Cryptographic Library V1.0.0

Version 1.0.0 (Firmware)
Part # SLE77CLFX2400PM
Infineon SLE77CLFX2400PM 2/6/2015 CTR_Mode: ( Llength( Min1256 Max0 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) LocationCounter( [BeforeFixedData] [AfterFixedData] ) rlength( [8] [16] [24] [32] ) )
AES Val#3184

"FEITIAN-FIPS-Cryptographic Library V1.0.0 implements AES, TDES, CMAC, TDES MAC, SH1, SHA256, SHA512, DRBG, RSA, and KDF, and operates on Infineon SLE78CLFX4000PM for FEITIAN-FIPS-JCOS V1.0.0, which is smart card complied with Java Card 2.2.2 and Global Platform 2.2.1."

02/17/15: Updated vendor information;

42 Feitian Technologies Co., Ltd
Floor 17, Tower B, Huizhi Mansion, No.9 Xueqing Road
Haidian, Beijing 100085
China

-Tibi
TEL: (+86)010-62304466-821
FAX: (+86)010-62304477

-PENG Jie
TEL: (+86)010-62304466-419
FAX: (+86)010-62304477

FEITIAN-FIPS-Cryptographic Library V1.0.0

Version 1.0.0 (Firmware)
Part # SLE78CLUFX5000PHM
Infineon SLE78CLUFX5000PHM 1/23/2015 CTR_Mode: ( Llength( Min1 Max256 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) LocationCounter( [BeforeFixedData] [AfterFixedData] ) rlength( [8] [16] [24] [32] ) )
AES Val#3185

"FEITIAN-FIPS-Cryptographic Library V1.0.0 implements AES, TDES, CMAC, TDES MAC, SH1, SHA256, SHA512, DRBG, RSA, and KDF, and operates on Infineon SLE78CLFX4000PM for FEITIAN-FIPS-JCOS V1.0.0, which is smart card complied with Java Card 2.2.2 and Global Platform 2.2.1."

02/05/15: Updated vendor information;

41 Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 1-830-580-1544

ArubaOS OpenSSL Module

Version ArubaOS 6.4.3-FIPS (Firmware)
Broadcom BCM53014 12/31/2014 CTR_Mode: ( Llength( Min16 Max136 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA384] ) LocationCounter( [AfterFixedData] ) rlength( [16] ) )
HMAC Val#2004

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

40 INSIDE Secure
Eerikinkatu 28
Helsinki, 00180
Finland

-Serge Haumont
TEL: +358 40 5808548

-Marko Nippula
TEL: +358 40 7629394

SafeZone FIPS Cryptographic Module Option C

Version 1.1
Intel Atom Z3740 with AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z2560 w/ 32 bit library w/ Android 4.2; Intel Atom Z3740 with AES-NI w/ 32 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z3740 without AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); ARMv6 w/ Raspbian Linux (kernel 3.10); ARMv7 w/ iOS 7.1; ARM64 w/ iOS 7.1; ARMv7-a w/ Android 4.4; ARMv7-a w/ 12/5/2014 CTR_Mode: ( Llength( Min8 Max4096 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [8] [16] [24] [32] ) )
FeedbackMode: ( Llength( Min8 Max4096 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) ZeroLenlVSupported[False] )
PipelineMode: ( Llength( Min8 Max4096 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) )
AES Val#3123 HMAC Val#1980

"SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. The module is a toolkit which provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to, primitives for DAR, DRM, TLS, and VPN on mobile devices."

39 INSIDE Secure
Eerikinkatu 28
Helsinki, 00180
Finland

-Serge Haumont
TEL: +358 40 5808548

-Marko Nippula
TEL: +358 40 7629394

SafeZone FIPS Cryptographic Module Option B

Version 1.1
Intel Atom Z3740 with AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z2560 w/ 32 bit library w/ Android 4.2; Intel Atom Z3740 with AES-NI w/ 32 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z3740 without AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); ARMv6 w/ Raspbian Linux (kernel 3.10); ARMv7 w/ iOS 7.1; ARM64 w/ iOS 7.1; ARMv7-a w/ Android 4.4; ARMv7-a w/ 12/5/2014 CTR_Mode: ( Llength( Min8 Max4096 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [8] [16] [24] [32] ) )
FeedbackMode: ( Llength( Min8 Max4096 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) ZeroLenlVSupported[True] )
PipelineMode: ( Llength( Min8 Max4096 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) )
AES Val#3123 HMAC Val#1980

"SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. The module is a toolkit which provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to, primitives for DAR, DRM, TLS, and VPN on mobile devices."

38 INSIDE Secure
Eerikinkatu 28
Helsinki, 00180
Finland

-Serge Haumont
TEL: +358 40 5808548

-Marko Nippula
TEL: +358 40 7629394

SafeZone FIPS Cryptographic Module Option A

Version 1.1
Intel Atom Z3740 with AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z2560 w/ 32 bit library w/ Android 4.2; Intel Atom Z3740 with AES-NI w/ 32 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z3740 without AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); ARMv6 w/ Raspbian Linux (kernel 3.10); ARMv7 w/ iOS 7.1; ARM64 w/ iOS 7.1; ARMv7-a w/ Android 4.4; ARMv7-a w/ 12/5/2014 CTR_Mode: ( Llength( Min8 Max4096 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [8] [16] [24] [32] ) )
FeedbackMode: ( Llength( Min8 Max4096 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) ZeroLenlVSupported[True] LocationCounter:( [AfterlterationData] ) rlength( [8] [16] [24] [32] ) )
PipelineMode: ( Llength( Min8 Max4096 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [AfterlterationData] ) rlength( [8] [16] [24] [32] ) )
AES Val#3123 HMAC Val#1980

"SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. The module is a toolkit which provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to, primitives for DAR, DRM, TLS, and VPN on mobile devices."

37 INSIDE Secure
Eerikinkatu 28
Helsinki, 00180
Finland

-Serge Haumont
TEL: +358 40 5808548

-Marko Nippula
TEL: +358 40 7629394

SafeZone FIPS Cryptographic Module

Version 1.1
Part # n
Intel Atom Z3740 with AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z2560 w/ 32 bit library w/ Android 4.2; Intel Atom Z3740 with AES-NI w/ 32 bit library w/ Ubuntu Linux (kernel 3.13); Intel Atom Z3740 without AES-NI w/ 64 bit library w/ Ubuntu Linux (kernel 3.13); ARMv6 w/ Raspbian Linux (kernel 3.10); ARMv7 w/ iOS 7.1; ARM64 with ARMv8 Crypto Extensions w/ iOS 7.1; iOS 7.1 w/ iOS 7.1; ARMv7-a w/ 11/21/2014 CTR_Mode: ( Llength( Min8 Max4096 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [8] [16] [24] [32] ) )
FeedbackMode: ( Llength( Min8 Max4096 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) ZeroLenlVSupported[True] LocationCounter:( [AfterlterationData] ) rlength( [8] [16] [24] [32] ) )
PipelineMode: ( Llength( Min8 Max4096 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512] ) LocationCounter( [AfterlterationData] ) rlength( [8] [16] [24] [32] ) )
AES Val#3123 HMAC Val#1980

"SafeZone FIPS Cryptographic Module is a FIPS 140-2 Security Level 1 validated software cryptographic module from INSIDE Secure. This compact and portable module provides the most commonly needed cryptographic primitives for a large variety of applications, including but not limited to DAR, DRM, TLS, and VPN."

36 Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

FIPS 140-2 Certification for Brocade (R) ICX6610

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC8544E 9/26/2014 CTR_Mode: ( Llength( Min0 Max0 ) MACSupported( [CMACAES128] ) LocationCounter( [BeforeFixedData] ) rlength( [8] ) )
AES Val#3008 DRBG Val#442

"The Brocade Cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade ICX6610 deliver wire-speed, non-blocking performance across all ports to support latency-sensitive."

35 Brocade Communications Systems, Inc.
130 Holger Way
San Jose, CA 95134
USA

-Chris Marks
TEL: 408-333-0480
FAX: 408-333-8101

Brocade MLXe MR2

Version BRCD-IP-CRYPTO-VER-3.0 (Firmware)
Freescale MPC 7448, RISC, 1700 MHz; 8/28/2014 CTR_Mode: ( Llength( Min0 Max0 ) MACSupported( [CMACAES128] ) rlength( [8] ) )
AES Val#2946 DRBG Val#454

"Brocade cryptographic library used in Brocade IP products implements crypto operations in software. The Brocade MLXe Series, NetIron CER 2000 Series Ethernet Routers and NetIron CES 2000 Series Ethernet Switches provide industry-leading wire-speed port capacity without compromising the performance of advanced capabilities such as IPv6, MPLS, and MPLS Virtual Private Networks."

34 Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware with Hardware Accelerators

Version 5.2.109 (Firmware)
P1020, 880MHz, PowerPC; XLP432, 1.4GHz, MIPS; XLR732, 950Mhz, MIPS; XLS208, 750Mhz, MIPS 8/28/2014 CTR_Mode: ( Llength( Min0 Max512 ) MACSupported( [HMACSHA1] ) LocationCounter( [BeforeFixedData] ) rlength( [8] ) )
DRBG Val#543 HMAC Val#1864

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

33 Oberthur Technologies
402 rue d’Estienne d’Orves
Colombes, n/a 92700
France

-GOYET Christophe
TEL: +1 703 322 8951

-BOUKYOUD Saïd
TEL: +33 1 78 14 72 58
FAX: +33 1 78 14 70 20

KDF on Cosmo V8

Version build109 (Firmware)
Part # 0F
ID-One PIV-C on Cosmo V8 ;  N/A 7/31/2014 CTR_Mode: ( Llength( Min8 Max32 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) rlength( [8] ) )
KAS Val#48 AES Val#2911

"ID-One Cosmo V8 is a dual interface (ISO 7816 & ISO 14443) smartcard hardware platform compliant with Javacard 3.0.1 and GlobalPlatform 2.2.1 chip which includes a KDF implementation compliant with NIST SP800-108."

08/07/14: Updated implementation information;

32 Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 1-830-580-1544

ArubaOS OpenSSL Module

Version ArubaOS 6.4 (Firmware)
Broadcom XLP Series; Freescale QorIQ P10XX Series 7/10/2014 CTR_Mode: ( Llength( Min16 Max136 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA384] ) LocationCounter( [AfterFixedData] ) rlength( [16] ) )
HMAC Val#1835

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

12/04/14: Updated implementation information;
12/24/14: Updated implementation information;

31 Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

OSSL

Version Openssl-0.9.8g-8.0.0 (Firmware)
Cavium 56XX 7/10/2014 CTR_Mode: ( Llength( Min48 Max64 ) MACSupported( [HMACSHA1] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
HMAC Val#1830

"Cisco WLAN Controllers provide centralized control, management and scalability for small, medium and large-scale Government WLAN networks using APs joined over secure DTLS connection and support IEEE 802.11i security standard with WPA2 to enable a Secure Wireless Architecture."

10/14/2014: Added KDF 800-135 IKEv1 KDF and SNMP KDF and updated implementation description.

30 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Surface Pro 3, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry and Microsoft StorSimple 8100 Cryptography Next Generation Cryptographic Implementations

Version 6.3.9600
NVIDIA Tegra 4 Quad-Core w/ Microsoft Surface 2 w/ Windows RT 8.1 (ARMv7 Thumb-2); NVIDIA Tegra 3 Quad-Core w/ Windows RT 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 400 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Windows Phone 8.1 (ARMv7 Thumb-2) w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows RT 8.1 (ARMv7 Thumb-2); NVIDIA Tegra 3 Quad-Core w/ Microsoft Surface w/ Windows RT 8.1 (ARMv7 Thumb-2); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows 8.1 Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x86); Intel Pentium without AES-NI w/ Microsoft Windows 8.1 Enterprise (x86); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x86); Intel Pentium without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x86); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows 8.1 Enterprise (x64); Intel Pentium without AES-NI w/ Microsoft Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Microsoft Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro w/ Windows 8.1 Pro (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Pro (x64) ;  Intel Xeon E5-2648L without AES-NI w/ Microsoft StorSimple 8100 w/ Microsoft Windows Server 2012 R2; Intel Xeon E5-2648L with AES-NI w/ Microsoft StorSimple 8100 w/ Microsoft Windows Server 2012 R2; Intel Core i7 with AES-NI and PCLMULQDQ and SSSE 3 w/ Microsoft Surface Pro 3 w/ Windows 8.1 Pro (x64) 7/10/2014 CTR_Mode: ( Llength( Min0 Max0 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
DRBG Val#489 HMAC Val#1773

"The Microsoft Windows Kernel Mode Cryptographic Primitives Library -- Cryptography Next Generation (CNG) -- is a general purpose, software-based, cryptographic module which provides FIPS 140-2 Level 1 cryptography."

12/11/14: Added new tested information;
03/13/15: Added new tested information;

29 Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Encryption Card Firmware Algorithms

Version 1.2 (Firmware)
Freescale P1010 7/10/2014 CTR_Mode: ( Llength( Min768 Max768 ) MACSupported( [HMACSHA256] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
HMAC Val#1821

"Firmware algorithm implementations for the ONS encryption card."

28 Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS XE

Version 3.6.0E (Firmware)
Cavium CN6230; Intel Core i5 6/30/2014 CTR_Mode: ( Llength( Min64 Max48 ) MACSupported( [HMACSHA1] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
HMAC Val#1672

"Cisco Unified Access is the convergence of the wired and wireless networks into one physical infrastructure. It offers greater intelligence, simplicity, performance, and open interfaces. These devices combine wired and wireless by supporting wireless tunnel termination and full wireless LAN controller functionality designed for 802.11ac performance."

27 N/A N/A N/A 6/27/2014 N/A
26 Digital Defence Ltd
400 Pavilion Drive
Northampton Business Park
Northampton, NN4 7PA
United Kingdom

-Ben Earl
TEL: +44-1604-521108
FAX: +44-1604-521001

Secure Mobile

Version 11.1.0.0
ARMv4i (as part of test platform, i.e. Motorola MC65 mobile handset) w/ Windows Mobile 6.5 5/30/2014 CTR_Mode: ( Llength( Min128 Max256 ) MACSupported( [HMACSHA256] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
RNG Val#286 HMAC Val#1792

"Secure Mobile is a security extension for Windows Mobile that provides device authentication, access control and storage encryption functionality. The concrete IUT here is a Control Panel Applet (CPL) which is part of the Secure Mobile cryptographic module."

25 INSIDE Secure
Arteparc Bachasson, Bât A
Rue de la carrière de Bachasson, CS70025
Meyreuil, Bouches-du-Rhône 13590
France

-Bob Oerlemans
TEL: +31 736-581-900
FAX: +31 736-581-999

VaultIP

Part # 1.1
N/A 5/23/2014 CTR_Mode: ( Llength( Min10 Max64 ) MACSupported( [CMACAES256] [HMACSHA256] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
FeedbackMode: ( Llength( Min10 Max64 ) MACSupported( [CMACAES256] [HMACSHA256] ) ZeroLenlVSupported[True] LocationCounter:( [AfterFixedData] ) rlength( [8] ) )
AES Val#2847 DRBG Val#500 HMAC Val#1787

"VaultIP is a Silicon IP Security Module which includes a complete set of high- and low-level cryptographic functions. It offers key management and crypto functions needed for platform and application security such as Content Protection and Mobile Payment, and can be used stand-alone or as a ''Root of Trust'' to support a TEE-based platform."

24 Xirrus, Inc.
2101 Corporate Center Drive
Thousand Oaks, CA 91320
USA

-Mike de la Garrigue
TEL: 805-262-1655
FAX: 805-262-1601

AOS 802.11i Module

Version 6.0 (Firmware)
Cavium Octeon CN6000 series; ;  Cavium Octeon CN5000 series 5/2/2014 CTR_Mode: ( Llength( Min80 Max80 ) MACSupported( [HMACSHA1] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
DRBG Val#490 HMAC Val#1774

"Xirrus AOS 802.11i implementation."

08/13/14: Added new tested information;

22 Infotecs
41 Madison Avenue
New York, New York 10010
USA

-Andrey Krasikov
TEL: +1 (678) 431-9502

-Philippe Dieudonné
TEL: +7 (495) 737-6192

ViPNet Common Crypto Core Library (User Space)

Version 1.0
Intel Core i7 w/ Windows 8.1 64-bit; ARMv7 w/ Android 4.4 4/9/2014 CTR_Mode: ( Llength( Min16 Max256 ) MACSupported( [CMACAES256] ) LocationCounter( [BeforeFixedData] ) rlength( [8] ) )
AES Val#2823 DRBG Val#484

"The ViPNet Common Crypto Core Library is a software library that provides cryptographic services to a number of ViPNet applications via an API. It is available in user space and kernel driver implementations on a wide range of operational systems. User space library and kernel library use the same base source code."

21 Infotecs
41 Madison Avenue
New York, New York 10010
USA

-Andrey Krasikov
TEL: +1 (678) 431-9502

-Philippe Dieudonné
TEL: +7 (495) 737-6192

ViPNet Common Crypto Core Library (Kernel)

Version 1.0
Intel Core i7 w/ Windows 8.1 64-bit 4/9/2014 CTR_Mode: ( Llength( Min16 Max256 ) MACSupported( [CMACAES256] ) LocationCounter( [BeforeFixedData] ) rlength( [8] ) )
AES Val#2822 DRBG Val#483

"The ViPNet Common Crypto Core Library is a software library that provides cryptographic services to a number of ViPNet applications via an API. It is available in user space and kernel driver implementations on a wide range of operational systems. User space library and kernel library use the same base source code."

20 Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

802.11i

Version 4.0.4.0 (Firmware)
Cavium Octeon Plus CN5000 Family 12/31/2013 CTR_Mode: ( Llength( Min80 Max80 ) MACSupported( [HMACSHA1] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
RNG Val#1267 HMAC Val#1725

"Motorola''s implementation 802.11i (WPA2) standard specification for handling WLAN sessions"

19 N/A N/A N/A 12/20/2013 N/A
18 Giesecke & Devrient GmbH
Prinzregentenstraße 159
München, n/a 81677
Germany

-Katharina Wallhäußer
TEL: +49 89 4119-1397
FAX: +49 89 4119-2819

CTR KDF

Version 1.0 (Firmware)
SLE78CLFX4000P(M) / M7892 family 12/18/2013 CTR_Mode: ( Llength( Min0 Max16 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) rlength( [8] ) )
AES Val#2720

"Sm@rtCafé Expert 7.0 C1 is a Java Card 3 Platform Classic Edition compliant to GlobalPlatform CS V2.2.1 and GP V2.2 Amd D."

17 Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2 (Firmware)
P1020, 800 Mhz, PowerPC; XLP432, 1.4Ghz, MIPS; XLR732, 950 Mhz, MIPS; XLS208, 750 Mhz, MIPS 11/29/2013 CTR_Mode: ( Llength( Min0 Max48 ) MACSupported( [HMACSHA1] ) LocationCounter( [BeforeFixedData] ) rlength( [8] ) )
RNG Val#1254 HMAC Val#1680

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

16 Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

ArubaOS OpenSSL Module

Version ArubaOS 6.3 (Firmware)
Qualcomm Atheros AR7161; Qualcomm Atheros AR7242; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Qualcomm Atheros QCA9550; Broadcom XLP416; Broadcom XLP432; Broadcom XLR732; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLS204; Broadcom XLS408; Freescale QorIQ P1020 11/22/2013 CTR_Mode: ( Llength( Min16 Max136 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA384] ) LocationCounter( [AfterFixedData] ) rlength( [16] ) )
HMAC Val#1666

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks.."

15 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613.221.5081
FAX: 613.723.5079

-Laurie Smith
TEL: 613.221.5026
FAX: 613.723.5079

Luna G5 Cryptographic Library

Version 6.10.4 (Firmware)
AMCC 440EPx PowerPC (PPC440EPx) Embedded Processor 11/8/2013 CTR_Mode: ( Llength( Min1 Max256 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [CMACTDES2] [CMACTDES3] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
DRBG Val#428

"The G5 Cryptographic Library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware or associated co-processor."

12/01/14: Updated implementation information;

14 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613.221.5081
FAX: 613.723.5079

-Laurie Smith
TEL: 613.221.5026
FAX: 613.723.5079

Luna K6 Cryptographic Library

Version 6.10.4 (Firmware)
AMCC 440EPx Power PC (PPC440EPx) Embedded Processor 11/8/2013 CTR_Mode: ( Llength( Min1 Max256 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [CMACTDES2] [CMACTDES3] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
AES Val#2667 DRBG Val#428

"The K6 Cryptographic Library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware or associated co-processor."

12/01/14: Updated implementation information;

13 Vaultive, Inc.
489 5th Avenue, floor 31
New York, NY 10017
USA

-Steve Coplan
TEL: 212-875-1210

Vaultive Cryptographic Library

Version 1.0
Intel Xeon E5 series with AES-NI w/ Ubuntu Server 12.04LTS 10/1/2013 CTR_Mode: ( Llength( Min16 Max17 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) LocationCounter( [BeforeFixedData] ) rlength( [8] [16] [24] [32] ) )
AES Val#2638 RNG Val#1245

"Vaultive Cryptographic Module implements several NIST-approved cryptographic algorithms. Vaultive Inc. uses the Vaultive Cryptographic Module to deliver cloud encryption solutions preserving server-side operations including indexing, searching, record sorting and format preservation without compromising security."

12 Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Encryption Card Firmware Algorithms

Version 1.0 (Firmware)
Freescale P1010 7/15/2013 CTR_Mode: ( Llength( Min0 Max96 ) MACSupported( [HMACSHA256] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
HMAC Val#1569

"Firmware algorithm implementations for the ONS encryption cards."

11 whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - NIST800108Aes128

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/24/2013 CTR_Mode: ( Llength( Min0 Max4080 ) MACSupported( [CMACAES128] ) LocationCounter( [BeforeFixedData] ) rlength( [8] ) )
AES Val#2471

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

10 Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

WiNG5-802.11i

Version 5.4.10 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 CTR_Mode: ( Llength( Min80 Max80 ) MACSupported( [HMACSHA1] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
RNG Val#1180 HMAC Val#1478

"WiNG5-802.11i"

9 Feitian Technologies Co., Ltd
Floor 17, Tower B, Huizhi Mansion, No.9 Xueqing Road
Haidian, Beijing 100085
China

-Tibi
TEL: (+86)010-62304466-821
FAX: (+86)010-62304477

-PENG Jie
TEL: (+86)010-62304466-419
FAX: (+86)010-62304477

FEITIAN-FIPS-Cryptographic Library V1.0.0

Version 1.0.0 (Firmware)
Part # SLE78CLFX4000PM
Infineon SLE78CLFX4000PM 3/22/2013 CTR_Mode: ( Llength( Min1 Max256 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) LocationCounter( [BeforeFixedData] [AfterFixedData] ) rlength( [8] [16] [24] [32] ) )
AES Val#2358

"FEITIAN-FIPS-Cryptographic Library V1.0.0 implements AES, TDES, CMAC, TDES MAC, SHA1, SHA256, SHA512, DRBG, RSA, and KDF, and operates on Infineon SLE78CLFX4000PM for FEITIAN-FIPS-JCOS V1.0.0, which is smart card complied with Java Card 2.2.2 and Global Platform 2.2.1."

03/29/13: Updated implementation information;
02/05/15: Updated vendor information;

8 N/A N/A N/A 3/8/2013 N/A
7 GOTrust Technology Inc.
10F-1, No.306, Sec. 1, Wenxin Rd., Nantun Dist.
Taichung City, 408
Taiwan

-Sean Huang
TEL: +886-4-23202525
FAX: +886-4-23202580

GO-Trust Cipher Library

Version 1.0 (Firmware)
ARM SecurCore SC300 1/18/2013 CTR_Mode: ( Llength( Min20 Max70 ) MACSupported( [HMACSHA1] [HMACSHA256] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
RNG Val#999 HMAC Val#1426

"The GO-Trust Cipher Library is designed to provide FIPS140-2 algorithm support for the GO-Trust Cryptographic Module. This module supports GO-Trust applications (for example: KingCall and KingText) by providing validated Cryptographic Services. The incorporation of these algorithms makes these products ideal for enterprise and governmen"

6 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613.221.5081
FAX: 613.723.5079

-Laurie Smith
TEL: 613.221.5026
FAX: 613.723.5079

Luna IS Cryptographic Library

Version 6.3.1 (Firmware)
AMCC 440EPx Power PC (PPC440EPx) Embedded Processor 11/21/2012 CTR_Mode: ( Llength( Min16 Max256 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [CMACTDES2] [CMACTDES3] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
AES Val#2282 DRBG Val#277

"The Luna IS cryptographic library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware or associated co-processor."

5 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613-221-5081
FAX: 613-723-5079

-Laurie Smith
TEL: 613-221-5026
FAX: 613-723-5079

Luna G5 Cryptographic Library

Version 6.2.3 (Firmware)
AMCC PowerPC 440EPx 10/23/2012 CTR_Mode: ( Llength( Min16 Max256 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [CMACTDES2] [CMACTDES3] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
AES Val#2263 TDES Val#1415 DRBG Val#277

"The G5 Cryptographic Library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware or associated co-processor."

10/31/12: Updated implementation information;

4 TecSec Services Incorporated
12950 Worldgate Drive Suite 100
Herndon, VA 20170
USA

-Ron Parsons
TEL: 571- 299-4127
FAX: 571-299-4101

-Roger Butler
TEL: 571-331-6130

KDF108-CTR-CKM-OS755

Version Revno: 620 (Firmware)
Inside Secure AT90SC Part Family 10/5/2012 CTR_Mode: ( Llength( Min1 Max96 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
AES Val#2226 DRBG Val#98 HMAC Val#1354

"TecSec Armored Card Attribute Container cryptographic service library."

This implementation also tested: CTR_Mode: ( Llength( Min1 Max128 ) MACSupported( [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )

3 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft
FAX: (none)

Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, Windows Phone 8 and Windows Storage Server 2012 Cryptography Next Generation (CNG) Implementations

Version 6.2.9200
Qualcomm Snapdragon S4 w/ Windows RT (ARMv7 Thumb-2); NVIDIA Tegra 3 Quad-Core w/ Windows RT (ARMv7 Thumb-2); Intel Core i7 with AES-NI w/ Windows 8 Enterprise (x64); Intel Pentium D w/ Windows 8 Enterprise (x64); AMD Athlon 64 X2 Dual Core w/ Windows 8 Enterprise (x86); Intel Pentium D w/ Windows Server 2012 (x64); Intel Core i7 with AES-NI w/ Windows Server 2012 (x64); Qualcomm Snapdragon S4 w/ Windows Phone 8 (ARMv7 Thumb-2); Intel x64 Processor with AES-NI w/ Surface Windows 8 Pro (x64) ;  Intel Core i7 without AES-NI w/ Windows Storage Server 2012; Intel Core i7 with AES-NI w/ Windows Storage Server 2012 9/26/2012 CTR_Mode: ( Llength( Min0 Max4 ) MACSupported( [HMACSHA256] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
DRBG Val#258 HMAC Val#1345

"The Microsoft Windows Cryptographic Primitives Library is a general purpose, software-based, cryptographic module which can be dynamically linked into applications by developers to permit the use of FIPS 140-2 Level 1 compliant cryptography."

11/29/12: Added new tested information;
01/16/13: Updated and added new tested implementation information;
05/31/13: Added new tested information;
06/20/13: Updated implementation information;

2 Atos Worldline SA/NV
Haachtsesteenweg 1142
Brussels, 1130
Belgium

-Filip Demaertalaere
TEL: +32 2 727 61 67

-Sam Yala
TEL: +32 2 727 61 94

ACC (Atos Worldline Cryptographic Core)

Version 1.2 (Firmware)
Freescale 8/3/2012 FeedbackMode: ( Llength( Min16 Max32 ) MACSupported( [HMACSHA256] ) ZeroLenlVSupported[True] )
DRBG Val#138 HMAC Val#1068

"The ACC is the cryptographic engine of Atos Worldline Hardware Security Module. The ACC makes use of dedicated hardware accelerators."

10/03/12: Updated implementation information;

1 Thales e-Security
2200 North Commerce Parkway
Suite 200
Weston, FL 33326
USA

-Joe Warren
TEL: 321-264-2928

Thales Datacryptor

Version 5.0 (Firmware)
PowerPC Core 405 5/17/2012 CTR_Mode: ( Llength( Min0 Max250 ) MACSupported( [CMACAES256] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
KAS Val#34 AES Val#2030

"The Thales Datacryptor protects the confidentiality and integrity of sensitive data travelling over public networks."


Need Assistance?

Computer Security Division
National Institute of Standards and Technology