Module Name
Allegro Cryptographic Engine
Historical Reason
SP 800-56Arev3 transition - replaced by certificate #4627
Caveat
When installed, initialized and configured as specified in Section 3 of the Security Policy
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Allegro’s suite of Embedded Device Security toolkits makes embedding standards-based security protocols into resource sensitive embedded systems and consumer electronics fast, easy and reliable. The Allegro Cryptographic Engine (ACE) is a cryptographic library module specifically engineered for embedded devices. The module provides embedded systems developers with an easily understood software interface to enable bulk encryption and decryption, message digests, digital signature creation and validation and key generation and exchange. For full details see www.allegrosoft.com/ace.
Tested Configuration(s)
- Linux Mint 18 Cinnamon running on an Intel NUC6i7KYK System with EYL QEC with Intel i7-6770HQ with PAA
- Linux Mint 18 Cinnamon running on an Intel NUC6i7KYK System with EYL QEC with Intel i7-6770HQ without PAA (single-user mode)
- Linux Mint 18 Cinnamon running on an Intel NUC6i7KYK System with Intel i7-6770HQ with PAA
- Linux Mint 18 Cinnamon running on an Intel NUC6i7KYK System with Intel i7-6770HQ without PAA
Approved Algorithms
| AES |
Certs. #5573 and #5574 |
| CKG |
vendor affirmed |
| CVL |
Certs. #2004, #2005, #2061 and #2062 |
| DRBG |
Certs. #2223 and #2224 |
| ECDSA |
Certs. #1504 and #1505 |
| HMAC |
Certs. #3714 and #3715 |
| KTS |
AES Certs. #5573 and #5574, key wrapping; key establishment methodology
provides between 128 and 256 bits of encryption strength |
| KTS |
AES Certs. #5573 and #5574 and HMAC Certs. #3714 and #3715, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength |
| PBKDF |
vendor affirmed |
| RSA |
Certs. #2999 and #3000 |
| SHS |
Certs. #4477 and #4478 |
Allowed Algorithms
EC Diffie-Hellman (Certs. #2004 and #2005, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
