Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #3541

Details

Module Name
Nutanix Cryptographic Module for BoringSSL
Standard
FIPS 140-2
Status
Historical
 Historical Reason
SP 800-56Arev3 transition
Overall Level
1
Caveat
The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Nutanix Cryptographic Module for BoringSSL is a suite of FIPS Approved algorithms used for TLS and other cryptographic functions.
Tested Configuration(s)
  • CentOS 7.5 running on Nutanix NX-3360-G6 with an Intel Xeon 4116 with PAA (clang Compiler Version 6.0.1)
  • CentOS 7.5 running on Nutanix NX-3360-G6 with an Intel Xeon 4116 without PAA (clang Compiler Version 6.0.1)
  • CentOS 7.9 on Nutanix AHV Hypervisor v7.0 running on Nutanix NX-3060-G7 Appliance with an Intel® Xeon® Gold 6234 with PAA (clang Compiler Version 6.0.1)
  • CentOS 7.9 on Nutanix AHV Hypervisor v7.0 running on Nutanix NX-3060-G7 Appliance with an Intel® Xeon® Gold 6234 without PAA (clang Compiler Version 6.0.1)
  • Debian Linux 4.9.0 running on Intel Xeon E5-2680 with PAA (clang Compiler Version 6.0.1)
  • Debian Linux 4.9.0 running on Intel Xeon E5-2680 without PAA (clang Compiler Version 6.0.1)
  • Ubuntu Linux 18.04 running on POWER9 with PAA (clang Compiler Version 6.0.1)
  • Ubuntu Linux 18.04 running on POWER9 without PAA (clang Compiler Version 6.0.1) (single-user mode)
Approved Algorithms
AES Certs. #5612, #C1256 and #A1229
CKG vendor affirmed
CVL Certs. #2033, #2034, #2035, #C1256 and #A1229
DRBG Certs. #2253, #C1256 and #A1229
ECDSA Certs. #1520, #C1256 and #A1229
HMAC Certs. #3743, #C1256 and #A1229
KTS AES Certs. #5612, #C1256 and #A1129; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Certs. #3020, #C1256 and #A1229
SHS Certs. #4509, #C1256 and #A1229
Triple-DES Certs. #2825, #C1256 and #A1229
Allowed Algorithms
EC Diffie-Hellman (CVL Certs. #2033, #2035, #C1256 and #A1229; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
66005f41fbc3529ffe8d007708756720529da20d

Vendor

Nutanix, Inc.
1740 Technology Drive
Suite 150
San Jose, CA 95110
USA

Matt Keller
fips@nutanix.com
 Ashutosh Pangasa
fips@nutanix.com

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
10/1/2019 Initial ACUMEN SECURITY, LLC
11/14/2019 Update ACUMEN SECURITY, LLC
5/26/2020 Update ACUMEN SECURITY, LLC
6/2/2021 Update ACUMEN SECURITY, LLC