Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #2711

Details

Module Name
Red Hat Enterprise Linux NSS Cryptographic Module v4.0
Standard
FIPS 140-2
Status
Active
Sunset Date
1/29/2023
Validation Dates
8/15/2016
12/19/2016
1/30/2018
Overall Level
1
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Roles, Services, and Authentication: Level 2
  • Physical Security: N/A
  • Design Assurance: Level 2
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/
Tested Configuration(s)
  • Red Hat Enterprise Linux 7.1 running on HP ProLiant DL380p Gen8 with PAA
  • Red Hat Enterprise Linux 7.1 running on HP ProLiant DL380p Gen8 without PAA
  • Red Hat Enterprise Linux 7.1 running on IBM POWER8 Little Endian 8286-41A
  • Red Hat Enterprise Linux 7.1 running on IBM z13 (single-user mode)
FIPS Algorithms
AES Certs. #3604, #3605, #3606, #3607, #3608, #3609 and #3610
CVL Certs. #625, #626, #627, #628 and #629
DRBG Certs. #935, #936, #937, #938 and #940
DSA Certs. #1001, #1002, #1003, #1004 and #1005
ECDSA Certs. #738, #739, #740, #741 and #742
HMAC Certs. #2299, #2300, #2301, #2303 and #2305
RSA Certs. #1853, #1854, #1855, #1856, #1857, #2031, #2032, #2033, #2034 and #2035
SHS Certs. #2965, #2966, #2967, #2969 and #2971
Triple-DES Certs. #2006, #2007, #2008, #2009 and #2010
Other Algorithms
AES (Certs. #3604, #3605, #3606, #3607, #3608, #3609 and #3610, key unwrapping); Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Triple-DES (Certs. #2006, #2007, #2008, #2009 and #2010, key unwrapping)
Software Versions
4.0

Vendor

Red Hat®, Inc.
100 East Davie Street
Raleigh, NC 27601
USA

Steve Grubb
sgrubb@redhat.com
Phone: 978-392-1000
Fax: 978-392-1001
Jaroslav Reznik
jreznik@redhat.com
Phone: +420 532 294 645

Lab

atsec information security corporation
NVLAP Code: 200658-0