Module Name
Symantec PGP Cryptographic Engine
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-chip standalone
Description
The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products. It includes a wide range of field-tested and standards-based encryption, digital signature, and encoding algorithms as well as a variety of secure network protocol implementations.
Tested Configuration(s)
- Apple Mac OS X 10.7 with PAA running on Apple MacBook Pro
- Apple Mac OS X 10.7 without PAA running on Apple MacBook Pro
- Microsoft Windows 7 32-bit with PAA running on Dell M6600
- Microsoft Windows 7 32-bit without PAA running on Dell M6400
- Microsoft Windows 7 64-bit with PAA running on Dell M6600
- Microsoft Windows 7 64-bit without PAA running on Dell M6400
- Red Hat Enterprise Linux (RHEL) 6.2 32-bit with PAA running on Dell M6600
- Red Hat Enterprise Linux (RHEL) 6.2 32-bit without PAA running on Dell M6400
- Red Hat Enterprise Linux (RHEL) 6.2 64-bit with PAA running on Dell M6600
- Red Hat Enterprise Linux (RHEL) 6.2 64-bit without PAA running on Dell M6400 (single-user mode)
Approved Algorithms
AES |
Certs. #2766, #2786, #2799, #2805, #2866, #2867, #2868, #2869, #2870 and #2871 |
CVL |
Certs. #240, #241, #248, #249, #302, #303, #304, #305, #306 and #307 |
DRBG |
Certs. #473, #474, #478, #479, #510, #511, #512, #513, #514 and #515 |
DSA |
Certs. #846, #847, #848, #849, #859, #860, #861, #862, #863 and #864 |
ECDSA |
Certs. #487, #488, #489, #490, #509, #510, #511, #512, #513 and #514 |
HMAC |
Certs. #1746, #1747, #1755, #1756, #1805, #1806, #1807, #1808, #1809 and #1810 |
RSA |
Certs. #1459, #1465, #1466, #1468, #1503, #1504, #1505, #1508, #1509 and #1510 |
SHS |
Certs. #2342, #2343, #2351, #2353, #2408, #2409, #2410, #2411, #2412 and #2413 |
Triple-DES |
Certs. #1675, #1676, #1683, #1684, #1711, #1712, #1713, #1714, #1715 and #1716 |
Other Algorithms
AES EME2 (non-compliant); AES PlumbCFB (non-compliant); AESMixCBC (non-compliant); MD5; RIPEMD160; MD2; KECCEK; RC2; ARC4; IDEA; CAST5; TwoFish; BlowFish; El Gamal; PBKDF2 (non-compliant); KBKDF (non-compliant); OpenPGP S2K Iterated salted; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)