Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #2597

Details

Module Name
Apple OS X CoreCrypto Kernel Module v6.0
Standard
FIPS 140-2
Status
Active
Sunset Date
3/28/2021
Validation Dates
3/29/2016
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Apple OS X CoreCrypto Kernel Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest.
Tested Configuration(s)
  • OS X El Capitan v10.11 running on iMac with i7 CPU with PAA
  • OS X El Capitan v10.11 running on iMac with i7 CPU without PAA
  • OS X El Capitan v10.11 running on Mac mini with i5 CPU with PAA
  • OS X El Capitan v10.11 running on Mac mini with i5 CPU without PAA
  • OS X El Capitan v10.11 running on MacBook with Core M CPU with PAA
  • OS X El Capitan v10.11 running on MacBook with Core M CPU without PAA (single-user mode)
  • OS X El Capitan v10.11 running on MacPro with Xeon CPU with PAA
  • OS X El Capitan v10.11 running on MacPro with Xeon CPU without PAA
FIPS Algorithms
AES Certs. #3781, #3782, #3783, #3784, #3785, #3786, #3787, #3788, #3789, #3790, #3791, #3792, #3793, #3794, #3795 and #3796
DRBG Certs. #1047, #1048, #1049, #1050, #1051, #1052, #1053, #1054, #1055, #1056, #1057 and #1058
ECDSA Certs. #816, #817, #818 and #819
HMAC Certs. #2358, #2359, #2360, #2361, #2362, #2363, #2364, #2365, #2366, #2367, #2368, #2369, #2370, #2371, #2372, #2373, #2475, #2476, #2477 and #2478
KTS AES Certs. #3781, #3782, #3783, #3784, #3785, #3786, #3787, #3788, #3789, #3790, #3791, #3792, #3793, #3794, #3795 and #3796; key establishment methodology provides between 128 and 160 bits of encryption strength
PBKDF vendor affirmed
RSA Certs. #1949, #1950, #1951 and #1952
SHS Certs. #3024, #3025, #3026, #3027, #3028, #3029, #3030, #3031, #3032, #3033, #3034, #3035, #3036, #3037, #3038, #3039, #3148, #3149, #3150 and #3151
Triple-DES Certs. #2102, #2103, #2104 and #2105
Other Algorithms
AES (non-compliant); AES-CMAC (non-compliant); ANSI X9.63 KDF; Blowfish; CAST5; DES; ECDSA (non-compliant); Ed25519; Hash_DRBG (non-compliant); HMAC_DRBG (non-compliant); Integrated Encryption Scheme on elliptic curves; KBKDF (non-compliant); MD2; MD4; MD5; OMAC; RC2; RC4; RFC6637 KDF; RIPEMD; RSA (key wrapping; key establishment methodology provides between 128 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); SP800-56C KDF; Triple-DES (non-compliant)
Software Versions
6.0

Vendor

Apple Inc.
1 Infinite Loop
Cupertino, CA 95041
USA

Shawn Geddis
geddis@apple.com
Phone: (669)227-3579
Fax: (866)315-1954

Lab

atsec information security corporation
NVLAP Code: 200658-0