Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #2411

Details

Module Name
Apple OS X CoreCrypto Kernel Module v5.0
Standard
FIPS 140-2
Status
Active
Sunset Date
7/21/2020
Validation Dates
7/22/2015
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-chip standalone
Description
The Apple OS X CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest.
Tested Configuration(s)
  • OS X 10.10 running on iMac with i7 CPU with PAA
  • OS X 10.10 running on iMac with i7 CPU without PAA
  • OS X 10.10 running on Mac mini with i5 CPU with PAA
  • OS X 10.10 running on Mac mini with i5 CPU without PAA
  • OS X 10.10 running on MacBook with Core M CPU with PAA
  • OS X 10.10 running on MacBook with Core M CPU without PAA (single-user mode)
  • OS X 10.10 running on MacPro with Xeon CPU with PAA
  • OS X 10.10 running on MacPro with Xeon CPU without PAA
FIPS Algorithms
AES Certs. #3066, #3067, #3068, #3069, #3070, #3071, #3072, #3073, #3102, #3323, #3324, #3325, #3382, #3383, #3384 and #3385
DRBG Certs. #598, #599, #600, #601, #602, #609, #769, #770, #771, #805, #806 and #816
ECDSA Certs. #652, #653, #654 and #673
HMAC Certs. #1927, #1928, #1929, #1930, #1960, #1961, #1962, #1963, #1964, #1965, #1966, #1967, #2114, #2115, #2116, #2155, #2156, #2157, #2158 and #2159
PBKDF vendor affirmed
RSA Certs. #1704, #1705, #1706 and #1737
SHS Certs. #2543, #2544, #2545, #2546, #2579, #2580, #2581, #2582, #2583, #2584, #2585, #2586, #2755, #2756, #2757, #2800, #2801, #2802, #2803 and #2804
Triple-DES Certs. #1895, #1896, #1897 and #1921
Other Algorithms
AES (non-compliant); AES-CMAC (non-compliant); RSA (key wrapping; key establishment methodology provides between 128 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); ECDSA (non-compliant); DES; Triple-DES (non-compliant); ANSI X9.63 KDF; RFC6637 KDF; KBKDF (non-Compliant); SP800-56C KDF; MD2; MD4; MD5; RIPEMD; ed25519; CAST5; Blowfish; RC2; RC4; OMAC; HMAC-DRBG (non-compliant); Hash-DRBG (non-compliant); Integrated Encryption Scheme on elliptic curves
Software Versions
5.0

Vendor

Apple Inc.
1 Infinite Loop
Cupertino, CA 95041
USA

Shawn Geddis
geddis@apple.com
Phone: (669) 227-3579
Fax: (866) 315-1954

Lab

atsec
NVLAP Code: 200658-0