Module Name
SUSE Linux Enterprise Server 12 SP2 - NSS Cryptographic Module
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS Mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Roles, Services, and Authentication: Level 2
- Physical Security: N/A
- Design Assurance: Level 2
Embodiment
Multi-Chip Stand Alone
Description
SUSE Network Security Services (NSS) is a set of libraries designed to support cross-platform development of security-enabled client and server applications.
Tested Configuration(s)
- SUSE Linux Enterprise Server 12 SP2 running on FUJITSU Server PRIMERGY CX2570 M2 inside a CX400 M1 enclosure with PAA
- SUSE Linux Enterprise Server 12 SP2 running on FUJITSU Server PRIMERGY CX2570 M2 inside a CX400 M1 enclosure without PAA
- SUSE Linux Enterprise Server 12 SP2 running on IBM z13 without PAI (single-user mode)
Approved Algorithms
AES |
Certs. #5003, #5004 and #5005 |
CKG |
vendor affirmed |
CVL |
Certs. #1551, #1552, #1553, #1554, #1555 and #1556 |
DRBG |
Certs. #1824, #1825 and #1826 |
DSA |
Certs. #1309, #1310 and #1311 |
ECDSA |
Certs. #1272, #1273 and #1274 |
HMAC |
Certs. #3325, #3326 and #3327 |
KTS |
AES Certs. #5003, #5004 and #5005; key establishment methodology provides between 128 and 256 bits of encryption strength |
RSA |
Certs. #2697, #2698 and #2699 |
SHS |
Certs. #4068, #4069 and #4070 |
Triple-DES |
Certs. #2580, #2581 and #2582 |
Allowed Algorithms
Diffie-Hellman (CVL Certs. #1551, #1553 and #1555 with CVL Certs. #1552, #1554 and #1556, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Certs. #1551, #1553 and #1555 with CVL Certs. #1552, #1554 and #1556, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); RSA (key wrapping; key methodology provides at least 112 bits of encryption strength)