Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #2610

Details

Module Name
Apple OS X CoreCrypto Module, v6.0
Standard
FIPS 140-2
Status
Active
Sunset Date
4/4/2021
Validation Dates
4/5/2016
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Apple OS X CoreCrypto Module is a software cryptographic module running on a multi-chip standalone mobile device and provides services intended to protect data in transit and at rest.
Tested Configuration(s)
  • OS X El Capitan v10.11 running on iMac with i7 CPU with PAA
  • OS X El Capitan v10.11 running on iMac with i7 CPU without PAA
  • OS X El Capitan v10.11 running on Mac mini with i5 CPU with PAA
  • OS X El Capitan v10.11 running on Mac mini with i5 CPU without PAA
  • OS X El Capitan v10.11 running on MacBook with Core M CPU with PAA
  • OS X El Capitan v10.11 running on MacBook with Core M CPU without PAA (single-user mode)
  • OS X El Capitan v10.11 running on MacPro with Xeon CPU with PAA
  • OS X El Capitan v10.11 running on MacPro with Xeon CPU without PAA
FIPS Algorithms
AES Certs. #3797, #3798, #3799, #3800, #3801, #3802, #3803, #3804, #3805, #3806, #3807, #3808, #3809, #3810, #3811, #3812, #3813, #3814, #3815, #3816, #3817, #3818, #3819, #3820, #3821, #3822, #3823, #3824, #3825, #3826, #3827, #3828, #3829, #3830, #3831, #3832, #3833, #3834, #3835 and #3847
CVL Certs. #722, #723, #724, #725, #726, #727, #728 and #729
DRBG Certs. #1059, #1060, #1061, #1062, #1063, #1064, #1065, #1066, #1067, #1068, #1069, #1070, #1071, #1072, #1073, #1074, #1075, #1076, #1077, #1078, #1079, #1080, #1081 and #1091
ECDSA Certs. #820, #821, #822, #823, #824, #825, #826 and #827
HMAC Certs. #2325, #2326, #2327, #2328, #2329, #2330, #2331, #2332, #2333, #2334, #2335, #2336, #2337, #2338, #2339, #2340, #2341, #2342, #2343, #2344, #2345, #2346, #2347, #2348, #2479, #2480, #2481, #2482, #2483, #2484, #2485 and #2486
KTS AES Certs. #3797, #3798, #3799, #3800, #3801, #3802, #3803, #3804, #3805, #3806, #3807, #3808, #3809, #3810, #3811, #3812, #3813, #3814, #3815, #3816, #3817, #3818, #3819, #3820, #3821, #3822, #3823, #3824, #3825, #3826, #3827, #3828, #3829, #3830, #3831, #3832, #3833, #3834, #3835 and #3847; key establishment methodology provides between 128 and 160 bits of encryption strength
PBKDF vendor affirmed
RSA Certs. #1953, #1954, #1955, #1956, #1957, #1958, #1959 and #1960
SHS Certs. #2991, #2992, #2993, #2994, #2995, #2996, #2997, #2998, #2999, #3000, #3001, #3002, #3003, #3004, #3005, #3006, #3007, #3008, #3009, #3010, #3011, #3012, #3013, #3014, #3152, #3153, #3154, #3155, #3156, #3157, #3158 and #3159
Triple-DES Certs. #2106, #2107, #2108, #2109, #2110, #2111, #2112 and #2113
Other Algorithms
AES (non-compliant); ANSI X9.63 KDF; Blowfish; CAST5; DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides 128 or 160 bits of encryption strength); ECDSA (non-compliant); Ed25519; Hash_DRBG (non-compliant); HMAC_DRBG (non-compliant); Integrated Encryption Scheme on elliptic curves; KBKDF (non-compliant); MD2; MD4; MD5; OMAC (One-Key CBC MAC); RC2; RC4; RFC6637 KDF; RIPEMD; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (non-compliant); Triple-DES (non-compliant)
Software Versions
6.0

Vendor

Apple Inc.
1 Infinite Loop
Cupertino, CA 95041
USA

Shawn Geddis
geddis@apple.com
Phone: (669) 227-3579
Fax: (866) 315-1954

Lab

atsec information security corporation
NVLAP Code: 200658-0