SP 800-108 Key-Based Key Derivation Functions (KBKDF) Validation List

Last Update: 8/26/2014

Overview

The page provides technical information about implementations that have been validated as conforming to the key-based key derivation functions as approved in "Special Publication 800-108 Recommendation for Key Derivation Using Pseudorandom Functions (Revised) dated October 2009.

The list below describes implementations which have been validated as correctly implementing the KBKDF algorithm, using the validation tests found in " The SP800-108 Key Derivation Function Validation System (KBKDFVS).The testing is handled by NVLAP-accredited Cryptographic And Security Testing (CST) Laboratories.

The implementations below consist of software, firmware, hardware and any combination thereof. The National Institute of Standards and Technology (NIST) has made every attempt to provide complete and accurate information about the implementations described in this list. However, due to the possibility of changes made within individual companies, NIST cannot guarantee that this list reflects the current status of each implementation. It is the responsibility of the vendor to notify NIST of any necessary changes to its entry in the following list. In addition to a general description of each product, this list mentions the features that were tested as conforming to the KBKDF; these features are listed on the validation that is issued to the vendor. The following notation is used to describe the implemented features that were successfully tested.

Legend for Description Field

Mode: [Counter Mode] [Feedback Mode] [Double-Pipeline Iteration Mode] Families of KDF
MACSupported([CMACAES128][CMACAES192] [CMACAES256] [CMACTDES2] [CMACTDES3] [HMACSHA1] [HMACSHA224] [HMACSHA256] [HMACSHA384] [HMACSHA512]) Pseudorandom Function (PRF) used to compute the keying material
Llength(Values tested) Length of the derived keying material
ZeroLenIVSupported([True] [False]) Required ONLY for Feedback Mode
CounterUsedInData([True] [False]) Required in Feedback and Double-Pipeline Iteration Modes
rlength([8][16][24][32]) Length of the binary representation of the counter i.
LocationCounter
For CounterMode:([BeforeFixedData]
[AfterFixedData])
For Feedback and Double-Pipeline Iteration Modes:([BeforeIterationData]
[AfterIterationData] [AfterFixedData])
Location of counter in the data to be MACed.
Required for Counter Mode.
If CounterUsedInData = True for Feedback and/or Double-Pipeline Iteration Modes, this is required.

KBKDF Validated Implementations

Validation
No.
Vendor Implementation
Operational
Environment
Val.
Date
Modes/States/Key sizes/
Description/Notes
33 Oberthur Technologies
402 rue d’Estienne d’Orves
Colombes, n/a 92700
France

-GOYET Christophe
TEL: +1 703 322 8951

-BOUKYOUD Saïd
TEL: +33 1 78 14 72 58
FAX: +33 1 78 14 70 20

KDF on Cosmo V8

Version build109 (Firmware)
Part # 0F
ID-One PIV-C on Cosmo V8 ;  N/A 7/31/2014 CTR_Mode: ( Llength( Min8 Max32 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) rlength( [8] ) )
KAS Val#48 AES Val#2911

"ID-One Cosmo V8 is a dual interface (ISO 7816 & ISO 14443) smartcard hardware platform compliant with Javacard 3.0.1 and GlobalPlatform 2.2.1 chip which includes a KDF implementation compliant with NIST SP800-108."

08/07/14: Updated implementation information;

32 Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

-Steve Weingart
TEL: 1-830-580-1544

ArubaOS OpenSSL Module

Version ArubaOS 6.4 (Firmware)
Broadcom XLP208; Freescale QorIQ P1020 7/10/2014 CTR_Mode: ( Llength( Min16 Max136 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA384] ) LocationCounter( [AfterFixedData] ) rlength( [16] ) )
HMAC Val#1835

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks."

31 Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

OSSL

Version Openssl-0.9.8g-8.0.0 (Firmware)
Cavium 56XX 7/10/2014 CTR_Mode: ( Llength( Min48 Max64 ) MACSupported( [HMACSHA1] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
HMAC Val#1830

"Cisco WLAN Controller 5508 provides centralized control, management and scalability for small, medium and large-scale Government WLAN networks using APs joined over secure DTLS connection and support IEEE 802.11i security standard with WPA2 to enable a Secure Wireless Architecture.""

30 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft

Microsoft Windows 8.1, Microsoft Windows Server 2012 R2, Microsoft Windows Storage Server 2012 R2, Microsoft Windows RT 8.1, Microsoft Surface with Windows RT 8.1, Microsoft Surface Pro with Windows 8.1, Microsoft Surface 2, Microsoft Surface Pro 2, Microsoft Windows Phone 8.1, Microsoft Windows Embedded 8.1 Industry Cryptography Next Generation Cryptographic Implementations

Version 6.3.9600
NVIDIA Tegra 4 Quad-Core w/ Microsoft Surface 2 w/ Windows RT 8.1 (ARMv7 Thumb-2); NVIDIA Tegra 3 Quad-Core w/ Windows RT 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon 400 w/ Windows Phone 8.1 (ARMv7 Thumb-2); Windows Phone 8.1 (ARMv7 Thumb-2) w/ Windows Phone 8.1 (ARMv7 Thumb-2); Qualcomm Snapdragon S4 w/ Windows RT 8.1 (ARMv7 Thumb-2); NVIDIA Tegra 3 Quad-Core w/ Microsoft Surface w/ Windows RT 8.1 (ARMv7 Thumb-2); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x86); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows 8.1 Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x86); Intel Pentium without AES-NI w/ Microsoft Windows 8.1 Enterprise (x86); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x86); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x86); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x86); Intel Pentium without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x86); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows 8.1 Enterprise (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows 8.1 Enterprise (x64); Intel Pentium without AES-NI w/ Microsoft Windows 8.1 Enterprise (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Embedded 8.1 Industry Enterprise (x64); Intel Core i3 without AES-NI and with PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD A4 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Core i7 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Microsoft Windows Server 2012 R2 (x64); AMD A4 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); AMD Athlon 64 X2 without AES-NI w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Core i7 without AES-NI or PCLMULQDQ or SSSE3 w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Pentium without AES-NI w/ Microsoft Windows Storage Server 2012 R2 (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Microsoft Windows 8.1 Enterprise (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro w/ Windows 8.1 Pro (x64); Intel Core i5 with AES-NI and PCLMULQDQ and SSSE3 w/ Microsoft Surface Pro 2 w/ Windows 8.1 Pro (x64) 7/10/2014 CTR_Mode: ( Llength( Min0 Max0 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
DRBG Val#489 HMAC Val#1773

"The Microsoft Windows Kernel Mode Cryptographic Primitives Library -- Cryptography Next Generation (CNG) -- is a general purpose, software-based, cryptographic module which provides FIPS 140-2 Level 1 cryptography."

29 Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Encryption Card Firmware Algorithms

Version 1.2 (Firmware)
Freescale P1010 7/10/2014 CTR_Mode: ( Llength( Min768 Max768 ) MACSupported( [HMACSHA256] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
HMAC Val#1821

"Firmware algorithm implementations for the ONS encryption card."

28 Cisco Systems, Inc.
170 West Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

IOS XE

Version 3.6.0E (Firmware)
Cavium CN6230; Intel Core i5 6/30/2014 CTR_Mode: ( Llength( Min64 Max48 ) MACSupported( [HMACSHA1] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
HMAC Val#1672

"Cisco Unified Access is the convergence of the wired and wireless networks into one physical infrastructure. It offers greater intelligence, simplicity, performance, and open interfaces. These devices combine wired and wireless by supporting wireless tunnel termination and full wireless LAN controller functionality designed for 802.11ac performance."

27 N/A N/A N/A 6/27/2014 N/A
26 Digital Defence Ltd
400 Pavilion Drive
Northampton Business Park
Northampton, NN4 7PA
United Kingdom

-Ben Earl
TEL: +44-1604-521108
FAX: +44-1604-521001

Secure Mobile

Version 11.1.0.0
ARMv4i (as part of test platform, i.e. Motorola MC65 mobile handset) w/ Windows Mobile 6.5 5/30/2014 CTR_Mode: ( Llength( Min128 Max256 ) MACSupported( [HMACSHA256] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
RNG Val#286 HMAC Val#1792

"Secure Mobile is a security extension for Windows Mobile that provides device authentication, access control and storage encryption functionality. The concrete IUT here is a Control Panel Applet (CPL) which is part of the Secure Mobile cryptographic module."

25 INSIDE Secure
Arteparc Bachasson, Bât A
Rue de la carrière de Bachasson, CS70025
Meyreuil, Bouches-du-Rhône 13590
France

-Bob Oerlemans
TEL: +31 736-581-900
FAX: +31 736-581-999

VaultIP

Part # 1.1
N/A 5/23/2014 CTR_Mode: ( Llength( Min10 Max64 ) MACSupported( [CMACAES256] [HMACSHA256] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
FeedbackMode: ( Llength( Min10 Max64 ) MACSupported( [CMACAES256] [HMACSHA256] ) ZeroLenlVSupported[True] LocationCounter:( [AfterFixedData] ) rlength( [8] ) )
AES Val#2847 DRBG Val#500 HMAC Val#1787

"VaultIP is a Silicon IP Security Module which includes a complete set of high- and low-level cryptographic functions. It offers key management and crypto functions needed for platform and application security such as Content Protection and Mobile Payment, and can be used stand-alone or as a ''Root of Trust'' to support a TEE-based platform."

24 Xirrus, Inc.
2101 Corporate Center Drive
Thousand Oaks, CA 91320
USA

-Mike de la Garrigue
TEL: 805-262-1655
FAX: 805-262-1601

AOS 802.11i Module

Version 6.0 (Firmware)
Cavium Octeon CN6000 series; ;  Cavium Octeon CN5000 series 5/2/2014 CTR_Mode: ( Llength( Min80 Max80 ) MACSupported( [HMACSHA1] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
DRBG Val#490 HMAC Val#1774

"Xirrus AOS 802.11i implementation."

08/13/14: Added new tested information;

22 Infotecs
41 Madison Avenue
New York, New York 10010
USA

-Andrey Krasikov
TEL: +1 (678) 431-9502

-Philippe Dieudonné
TEL: +7 (495) 737-6192

ViPNet Common Crypto Core Library (User Space)

Version 1.0
Intel Core i7 w/ Windows 8.1 64-bit; ARMv7 w/ Android 4.4 4/9/2014 CTR_Mode: ( Llength( Min16 Max256 ) MACSupported( [CMACAES256] ) LocationCounter( [BeforeFixedData] ) rlength( [8] ) )
AES Val#2823 DRBG Val#484

"The ViPNet Common Crypto Core Library is a software library that provides cryptographic services to a number of ViPNet applications via an API. It is available in user space and kernel driver implementations on a wide range of operational systems. User space library and kernel library use the same base source code."

21 Infotecs
41 Madison Avenue
New York, New York 10010
USA

-Andrey Krasikov
TEL: +1 (678) 431-9502

-Philippe Dieudonné
TEL: +7 (495) 737-6192

ViPNet Common Crypto Core Library (Kernel)

Version 1.0
Intel Core i7 w/ Windows 8.1 64-bit 4/9/2014 CTR_Mode: ( Llength( Min16 Max256 ) MACSupported( [CMACAES256] ) LocationCounter( [BeforeFixedData] ) rlength( [8] ) )
AES Val#2822 DRBG Val#483

"The ViPNet Common Crypto Core Library is a software library that provides cryptographic services to a number of ViPNet applications via an API. It is available in user space and kernel driver implementations on a wide range of operational systems. User space library and kernel library use the same base source code."

20 Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

802.11i

Version 4.0.4.0 (Firmware)
Cavium Octeon Plus CN5000 Family 12/31/2013 CTR_Mode: ( Llength( Min80 Max80 ) MACSupported( [HMACSHA1] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
RNG Val#1267 HMAC Val#1725

"Motorola''s implementation 802.11i (WPA2) standard specification for handling WLAN sessions"

19 N/A N/A N/A 12/20/2013 N/A
18 Giesecke & Devrient GmbH
Prinzregentenstraße 159
München, n/a 81677
Germany

-Katharina Wallhäußer
TEL: +49 89 4119-1397
FAX: +49 89 4119-2819

CTR KDF

Version 1.0 (Firmware)
SLE78CLFX4000P(M) / M7892 family 12/18/2013 CTR_Mode: ( Llength( Min0 Max16 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) rlength( [8] ) )
AES Val#2720

"Sm@rtCafé Expert 7.0 C1 is a Java Card 3 Platform Classic Edition compliant to GlobalPlatform CS V2.2.1 and GP V2.2 Amd D."

17 Hewlett-Packard Company
153 Taylor Street
Littleton, MA 01460
USA

-Bob Pittman
TEL: 1-978-264-5211
FAX: 1-978-264-5522

HP Comware

Version 5.2 (Firmware)
P1020, 800 Mhz, PowerPC; XLP432, 1.4Ghz, MIPS; XLR732, 950 Mhz, MIPS; XLS208, 750 Mhz, MIPS 11/29/2013 CTR_Mode: ( Llength( Min0 Max48 ) MACSupported( [HMACSHA1] ) LocationCounter( [BeforeFixedData] ) rlength( [8] ) )
RNG Val#1254 HMAC Val#1680

"Comware cryptographic library is a software library that provides cryptographic functions within HP devices."

16 Aruba Networks, Inc.
1344 Crossman Ave
Sunnyvale, CA 94089
USA

-Jon Green
TEL: 408-227-4500
FAX: 408-227-4550

ArubaOS OpenSSL Module

Version ArubaOS 6.3 (Firmware)
Qualcomm Atheros AR7161; Qualcomm Atheros AR7242; Cavium CN5010; Marvell 88F6560; Qualcomm Atheros QCA9344; Qualcomm Atheros QCA9550; Broadcom XLP416; Broadcom XLP432; Broadcom XLR732; Broadcom XLR508; Broadcom XLR516; Broadcom XLR532; Broadcom XLS204; Broadcom XLS408; Freescale QorIQ P1020 11/22/2013 CTR_Mode: ( Llength( Min16 Max136 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA384] ) LocationCounter( [AfterFixedData] ) rlength( [16] ) )
HMAC Val#1666

"The Aruba MOVE Architecture forms the core network infrastructure for supporting mobile and wireless computing devices. The system enables enterprise-scale 802.11 wireless LANs (Wi-Fi), secure remote VPNs, and mobility-optimized wired networks.."

15 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613.221.5081
FAX: 613.723.5079

-Laurie Smith
TEL: 613.221.5026
FAX: 613.723.5079

Luna G5 Cryptographic Library

Version 6.10.2 (Firmware)
AMCC 440EPx PowerPC (PPC440EPx) Embedded Processor 11/8/2013 CTR_Mode: ( Llength( Min1 Max256 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [CMACTDES2] [CMACTDES3] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
DRBG Val#428

"The G5 Cryptographic Library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware or associated co-processor."

14 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613.221.5081
FAX: 613.723.5079

-Laurie Smith
TEL: 613.221.5026
FAX: 613.723.5079

Luna K6 Cryptographic Library

Version 6.10.2 (Firmware)
AMCC 440EPx Power PC (PPC440EPx) Embedded Processor 11/8/2013 CTR_Mode: ( Llength( Min1 Max256 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [CMACTDES2] [CMACTDES3] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
AES Val#2667 DRBG Val#428

"The K6 Cryptographic Library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware or associated co-processor."

13 Vaultive, Inc.
489 5th Avenue, floor 31
New York, NY 10017
USA

-Steve Coplan
TEL: 212-875-1210

Vaultive Cryptographic Library

Version 1.0
Intel Xeon E5 series with AES-NI w/ Ubuntu Server 12.04LTS 10/1/2013 CTR_Mode: ( Llength( Min16 Max17 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) LocationCounter( [BeforeFixedData] ) rlength( [8] [16] [24] [32] ) )
AES Val#2638 RNG Val#1245

"Vaultive Cryptographic Module implements several NIST-approved cryptographic algorithms. Vaultive Inc. uses the Vaultive Cryptographic Module to deliver cloud encryption solutions preserving server-side operations including indexing, searching, record sorting and format preservation without compromising security."

12 Cisco Systems, Inc.
170 W. Tasman Drive
San Jose, CA 95134
USA

-Global Certification Team

ONS Encryption Card Firmware Algorithms

Version 1.0 (Firmware)
Freescale P1010 7/15/2013 CTR_Mode: ( Llength( Min0 Max96 ) MACSupported( [HMACSHA256] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
HMAC Val#1569

"Firmware algorithm implementations for the ONS encryption cards."

11 whiteCryption Corporation
920 Stewart Drive
Suite #100
Sunnyvale, CA 94085
USA

-Alex Bessonov
TEL: 408-616-1647

whiteCryption SKB - NIST800108Aes128

Version 4.6.0
Nvidia Tegra 4 w/ Android 4.2 5/24/2013 CTR_Mode: ( Llength( Min0 Max4080 ) MACSupported( [CMACAES128] ) LocationCounter( [BeforeFixedData] ) rlength( [8] ) )
AES Val#2471

"whiteCryption Secure Key Box (SKB) is a C/C++ library that provides cryptographic algorithms. SKB''s unique white-box implementation is specifically designed to hide and protect cryptographic keys at all times. It allows safe deployment in insecure environments."

10 Motorola Solutions, Inc.
6480 Via Del Oro
San Jose, CA 95119
USA

-Udayan Borkar
TEL: 408-528-2361
FAX: 408-528-2903

-Colin Cooper
TEL: 408-528-2871
FAX: 408-528-2903

WiNG5-802.11i

Version 5.4.10 (Firmware)
Cavium Octeon Plus CN5000 Family 4/12/2013 CTR_Mode: ( Llength( Min80 Max80 ) MACSupported( [HMACSHA1] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
RNG Val#1180 HMAC Val#1478

"WiNG5-802.11i"

9 Feitian Technologies Co., Ltd
Floor 17th, Tower B, Huizhi Mansion, No.9 Xueqing Road
Beijing, Beijing 100085
China

-Erik
TEL: (+86)010-62304466-831
FAX: (+86)010-62304477

-Guo Yu Yi
TEL: (+86)010-62304466-342
FAX: (+86)010-62304477

FEITIAN-FIPS-Cryptographic Library V1.0.0

Version 1.0.0 (Firmware)
Part # SLE78CLFX4000PM
Infineon SLE78CLFX4000PM 3/22/2013 CTR_Mode: ( Llength( Min1 Max256 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) LocationCounter( [BeforeFixedData] [AfterFixedData] ) rlength( [8] [16] [24] [32] ) )
AES Val#2358

"FEITIAN-FIPS-Cryptographic Library V1.0.0 implements AES, TDES, CMAC, TDES MAC, SHA1, SHA256, SHA512, DRBG, RSA, and KDF, and operates on Infineon SLE78CLFX4000PM for FEITIAN-FIPS-JCOS V1.0.0, which is smart card complied with Java Card 2.2.2 and Global Platform 2.2.1."

03/29/13: Updated implementation information;

8 N/A N/A N/A 3/8/2013 N/A
7 GOTrust Technology Inc.
10F-1, No.306, Sec. 1, Wenxin Rd., Nantun Dist.
Taichung City, 408
Taiwan

-Sean Huang
TEL: +886-4-23202525
FAX: +886-4-23202580

GO-Trust Cipher Library

Version 1.0 (Firmware)
ARM SecurCore SC300 1/18/2013 CTR_Mode: ( Llength( Min20 Max70 ) MACSupported( [HMACSHA1] [HMACSHA256] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
RNG Val#999 HMAC Val#1426

"The GO-Trust Cipher Library is designed to provide FIPS140-2 algorithm support for the GO-Trust Cryptographic Module. This module supports GO-Trust applications (for example: KingCall and KingText) by providing validated Cryptographic Services. The incorporation of these algorithms makes these products ideal for enterprise and governmen"

6 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613.221.5081
FAX: 613.723.5079

-Laurie Smith
TEL: 613.221.5026
FAX: 613.723.5079

Luna IS Cryptographic Library

Version 6.3.1 (Firmware)
AMCC 440EPx Power PC (PPC440EPx) Embedded Processor 11/21/2012 CTR_Mode: ( Llength( Min16 Max256 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [CMACTDES2] [CMACTDES3] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
AES Val#2282 DRBG Val#277

"The Luna IS cryptographic library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware or associated co-processor."

5 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613-221-5081
FAX: 613-723-5079

-Laurie Smith
TEL: 613-221-5026
FAX: 613-723-5079

Luna G5 Cryptographic Library

Version 6.2.3 (Firmware)
AMCC PowerPC 440EPx 10/23/2012 CTR_Mode: ( Llength( Min16 Max256 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] [CMACTDES2] [CMACTDES3] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
AES Val#2263 TDES Val#1415 DRBG Val#277

"The G5 Cryptographic Library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware or associated co-processor."

10/31/12: Updated implementation information;

4 TecSec Services Incorporated
12950 Worldgate Drive Suite 100
Herndon, VA 20170
USA

-Ron Parsons
TEL: 571- 299-4127
FAX: 571-299-4101

-Roger Butler
TEL: 571-331-6130

KDF108-CTR-CKM-OS755

Version Revno: 620 (Firmware)
Inside Secure AT90SC Part Family 10/5/2012 CTR_Mode: ( Llength( Min1 Max96 ) MACSupported( [CMACAES128] [CMACAES192] [CMACAES256] ) LocationCounter( [AfterFixedData] ) rlength( [8] ) )
AES Val#2226 DRBG Val#98 HMAC Val#1354

"TecSec Armored Card Attribute Container cryptographic service library."

This implementation also tested: CTR_Mode: ( Llength( Min1 Max128 ) MACSupported( [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )

3 Microsoft Corporation
One Microsoft Way
Redmond, WA 98052-6399
USA

-Tim Myers
TEL: 800-Microsoft
FAX: (none)

Windows 8, Windows RT, Windows Server 2012, Surface Windows RT, Surface Windows 8 Pro, and Windows Phone 8 Cryptography Next Generation (CNG) Implementations

Version 6.2.9200
Qualcomm Snapdragon S4 w/ Windows RT (ARMv7 Thumb-2); NVIDIA Tegra 3 Quad-Core w/ Windows RT (ARMv7 Thumb-2); Intel Core i7 with AES-NI w/ Windows 8 Enterprise (x64); Intel Pentium D w/ Windows 8 Enterprise (x64); AMD Athlon 64 X2 Dual Core w/ Windows 8 Enterprise (x86); Intel Pentium D w/ Windows Server 2012 (x64); Intel Core i7 with AES-NI w/ Windows Server 2012 (x64); Qualcomm Snapdragon S4 w/ Windows Phone 8 (ARMv7 Thumb-2); Intel x64 Processor with AES-NI w/ Surface Windows 8 Pro (x64) 9/26/2012 CTR_Mode: ( Llength( Min0 Max4 ) MACSupported( [HMACSHA1] [HMACSHA256] [HMACSHA512] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
DRBG Val#258 HMAC Val#1345

"The Microsoft Windows Cryptographic Primitives Library is a general purpose, software-based, cryptographic module which can be dynamically linked into applications by developers to permit the use of FIPS 140-2 Level 1 compliant cryptography."

11/29/12: Added new tested information;
01/16/13: Updated and added new tested implementation information;
05/31/13: Added new tested information;
06/20/13: Updated implementation information;

2 Atos Worldline SA/NV
Haachtsesteenweg 1142
Brussels, 1130
Belgium

-Filip Demaertalaere
TEL: +32 2 727 61 67

-Sam Yala
TEL: +32 2 727 61 94

ACC (Atos Worldline Cryptographic Core)

Version 1.2 (Firmware)
Freescale 8/3/2012 FeedbackMode: ( Llength( Min16 Max32 ) MACSupported( [HMACSHA256] ) ZeroLenlVSupported[True] )
DRBG Val#138 HMAC Val#1068

"The ACC is the cryptographic engine of Atos Worldline Hardware Security Module. The ACC makes use of dedicated hardware accelerators."

10/03/12: Updated implementation information;

1 Thales e-Security
2200 North Commerce Parkway
Suite 200
Weston, FL 33326
USA

-Joe Warren
TEL: 321-264-2928

Thales Datacryptor

Version 5.0 (Firmware)
PowerPC Core 405 5/17/2012 CTR_Mode: ( Llength( Min0 Max250 ) MACSupported( [CMACAES256] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
KAS Val#34 AES Val#2030

"The Thales Datacryptor protects the confidentiality and integrity of sensitive data travelling over public networks."


Need Assistance?

Computer Security Division
National Institute of Standards and Technology