Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #3107


Module Name
Carbon Black Cryptographic Module
FIPS 140-2
 Historical Reason
Moved to historical list due to sunsetting
Overall Level
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. This validation entry is a non-security relevant modification to Cert. #2038.
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Multi-Chip Stand Alone
The Carbon Black Cryptographic Module delivers core cryptographic functions (including Suite B algorithms) to Cb Response and Cb Protection. These products rely on the Carbon Black Cryptographic Module for secure key management, data integrity, data at rest encryption, and secure communications.
Tested Configuration(s)
  • Windows Server 2008 R2 on a Dell OptiPlex 755 (single-user mode)
Approved Algorithms
AES Cert. #2273
CVL Cert. #44
DRBG Cert. #281
DSA Cert. #709
ECDSA Cert. #368
HMAC Cert. #1391
RSA Cert. #1166
SHS Cert. #1954
Triple-DES Cert. #1420
Allowed Algorithms
EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions


Carbon Black, Inc.
1100 Winter St.
Waltham, MA 02451

Damon Cabanillas

Validation History

Date Type Lab
1/9/2018 Initial ACUMEN SECURITY, LLC
2/13/2018 Update ACUMEN SECURITY, LLC