Computer Security Resource Center

Computer Security Resource Center

Computer Security
Resource Center

Cryptographic Module Validation Program

Certificate #3541

Details

Module Name
Nutanix Cryptographic Module for BoringSSL
Standard
FIPS 140-2
Status
Active
Sunset Date
11/1/2023
Validation Dates
10/1/2019
11/14/2019
Overall Level
1
Caveat
The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Nutanix Cryptographic Module for BoringSSL is a suite of FIPS Approved algorithms used for TLS and other cryptographic functions.
Tested Configuration(s)
  • CentOS 7.5 running on Nutanix NX-3360-G6 and Intel Xeon 4116 with PAA (clang Compiler Version 6.0.1)
  • CentOS 7.5 running on Nutanix NX-3360-G6 and Intel Xeon 4116 without PAA (clang Compiler Version 6.0.1)
  • Debian Linux 4.9.0 running on Intel Xeon E5-2680 with PAA (clang Compiler Version 6.0.1)
  • Debian Linux 4.9.0 running on Intel Xeon E5-2680 without PAA (clang Compiler Version 6.0.1)
  • Ubuntu Linux 18.04 running on POWER9 with PAA (clang Compiler Version 6.0.1) (single-user mode)
  • Ubuntu Linux 18.04 running on POWER9 without PAA (clang Compiler Version 6.0.1)
FIPS Algorithms
AES Certs. #5612 and #C1256
CKG vendor affirmed
CVL Certs. #2033, #2034, #2035 and #C1256
DRBG Certs. #2253 and #C1256
ECDSA Certs. #1520 and #C1256
HMAC Certs. #3743 and #C1256
KTS AES Certs. #5612 and #C1256; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Certs. #3020 and #C1256
SHS Certs. #4509 and #C1256
Triple-DES Certs. #2825 and #C1256
Allowed Algorithms
EC Diffie-Hellman (CVL Certs. #2033, #2035 and #C1256; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
66005f41fbc3529ffe8d007708756720529da20d

Vendor

Nutanix, Inc.
1740 Technology Drive
Suite 150
San Jose, CA 95110
USA

Eric Hammersley
fips@nutanix.com
Ashutosh Pangasa
fips@nutanix.com

Lab

ACUMEN SECURITY, LLC
NVLAP Code: 201029-0