Module Name
Apple iOS CoreCrypto Kernel Module v5.0
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
Embodiment
Multi-chip standalone
Description
The Apple iOS CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest.
Tested Configuration(s)
- iOS 8.0 running on iPad (3rd generation) with Apple A5X CPU
- iOS 8.0 running on iPad (4th generation) with Apple A6X CPU
- iOS 8.0 running on iPad Air 2 with Apple A8X CPU (single-user mode)
- iOS 8.0 running on iPhone4S with Apple A5 CPU
- iOS 8.0 running on iPhone5 with Apple A6 CPU
- iOS 8.0 running on iPhone5S with Apple A7 CPU
- iOS 8.0 running on iPhone6 (iPhone6 and iPhone6 Plus) with Apple A8 CPU
Approved Algorithms
AES |
Certs. #3096, #3097, #3098, #3099, #3100, #3101, #3317, #3318, #3319, #3320, #3321, #3322, #3371 and #3380 |
DRBG |
Certs. #763, #764, #765, #766, #767, #768 and #803 |
ECDSA |
Certs. #646, #647, #648, #649, #650, #651 and #671 |
HMAC |
Certs. #1939, #1940, #1941, #1942, #1943, #1968, #2108, #2109, #2110, #2111, #2112, #2113, #2150 and #2153 |
PBKDF |
vendor affirmed |
RSA |
Certs. #1698, #1699, #1700, #1701, #1702, #1703 and #1735 |
SHS |
Certs. #2558, #2559, #2560, #2561, #2562, #2587, #2749, #2750, #2751, #2752, #2753, #2754, #2795 and #2798 |
Triple-DES |
Certs. #1889, #1890, #1891, #1892, #1893, #1894 and #1919 |
Other Algorithms
AES (non-compliant); ECDSA (non-compliant); RSA (key wrapping; key establishment methodology provides between 128 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); DES; Triple-DES (non-compliant); MD2; MD4; MD5; RIPEMD; Ed25519; CAST5; ANSI X9.63 KDF; RFC6637 KDF; KBKDF (non-compliant); SP800-56C KDF; Blowfish; RC2; RC4; CMAC AES 128; OMAC; HMAC DRBG (non-compliant); Hash DRBG (non-compliant); Integrated Encryption Scheme on elliptic curves