Module Name
Ubuntu 16.04 Kernel Crypto API Cryptographic Module
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in Sections 9.1 of the Security Policy.
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Ubuntu 16.04 Kernel Crypto API module is a software module running as part of the operating system kernel that provides general purpose cryptographic services.
Tested Configuration(s)
- Ubuntu 16.04 LTS 64-bit running on Supermicro SYS-5018R-WR with Intel Xeon E5 with PAA
- Ubuntu 16.04 LTS 64-bit running on Supermicro SYS-5018R-WR with Intel Xeon E5 without PAA (single-user mode)
Approved Algorithms
AES |
Certs. #C1210, #C1211, #C1212, #C1213, #C1214, #C1215, #C1216, #C1220, #C1221, #C1222 and #C1303 |
DRBG |
Certs. #C1217, #C1218, #C1219, #C1220, #C1221 and #C1222 |
HMAC |
Certs. #C1217, #C1218, #C1219 and #C1222 |
KTS |
AES Certs. #C1210, #C1211, #C1212, #C1213, #C1214, #C1215, #C1216, #C1220, #C1221, #C1222 and #C1303; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
AES Certs. #C1210, #C1211, #C1212, #C1213, #C1214, #C1215, #C1216, #C1220, #C1221, #C1222 and #C1303 and HMAC Certs. #C1217, #C1218, #C1219 and #C1222; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
Triple-DES Certs. #C1220 and #C1222 and HMAC Certs. #C1217, #C1218, #C1219 and #C1222; key establishment methodology provides 112 bits of encryption strength |
RSA |
Certs. #C1217, #C1218, #C1219 and #C1222 |
SHS |
Certs. #C1217, #C1218, #C1219 and #C1222 |
Triple-DES |
Certs. #C1220 and #C1222 |
Allowed Algorithms
NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 149 bits of encryption strength)