Module Name
Oracle Linux 7 OpenSSH Server Cryptographic Module
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode with module Oracle Linux OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #3017 operating in FIPS mode
Security Level Exceptions
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Oracle Linux OpenSSH Cryptographic Module is a software module that supplies cryptographic support for the SSH protocol.
Tested Configuration(s)
- Oracle Linux 7.3 64 bit running on Oracle Server X6-2 with PAA
- Oracle Linux 7.3 64 bit running on Oracle Server X6-2 without PAA
- Oracle Linux 7.3 64 bit running on Oracle Server X7-2 with PAA
- Oracle Linux 7.3 64 bit running on Oracle Server X7-2 without PAA (single-user mode)
Approved Algorithms
| AES |
Certs. #4534, #4536, #4538, #5344, #5370 and #5396 |
| CVL |
Certs. #1217, #1253, #1837 and #1870 |
| DRBG |
Certs. #1491, #1493, #1495, #2064, #2079 and #2091 |
| ECDSA |
Certs. #1105 and #1417 |
| HMAC |
Certs. #2992, #2994, #2996, #3541, #3558 and #3573 |
| RSA |
Certs. #2469 and #2873 |
| SHS |
Certs. #3715, #3717, #3719, #4295, #4312 and #4329 |
| Triple-DES |
Certs. #2415 and #2710 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #1217 and #1837 with CVL certs. #1253 and #1870, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1217 and #1837 with CVL certs. #1253 and #1870, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG
Software Versions
R7-2.0.0
