Module Name
Check Point CryptoCore
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode
Security Level Exceptions
Embodiment
Multi-chip standalone
Description
Check Point Crypto Core is a 140-2 Level 1 cryptographic module for Windows 7, Mac OS X, and UEFI firmware. The module provides cryptographic services accessible in pre-boot mode, kernel mode and user mode on the respective platforms through implementation of platform specific binaries.
Tested Configuration(s)
- Mac OS X 10.7 (32-bit) running on a Apple MacBook Pro with PAA (Kernel Space)
- Mac OS X 10.7 (32-bit) running on a Apple MacBook Pro with PAA (User Space)
- Mac OS X 10.7 (32-bit) running on a Apple MacBook Pro without PAA (Kernel Space)
- Mac OS X 10.7 (32-bit) running on a Apple MacBook Pro without PAA (User Space)
- Mac OS X 10.7 (64-bit) running on a Apple MacBook Pro with PAA (Kernel Space)
- Mac OS X 10.7 (64-bit) running on a Apple MacBook Pro with PAA (User Space)
- Mac OS X 10.7 (64-bit) running on a Apple MacBook Pro without PAA (Kernel Space)
- Mac OS X 10.7 (64-bit) running on a Apple MacBook Pro without PAA (User Space)
- Microsoft Windows 7 (32-bit) running on a Dell OptiPlex 755 with PAA (Kernel Space)
- Microsoft Windows 7 (32-bit) running on a Dell OptiPlex 755 with PAA (User Space)
- Microsoft Windows 7 (32-bit) running on a Dell OptiPlex 755 without PAA (Kernel Space)
- Microsoft Windows 7 (32-bit) running on a Dell OptiPlex 755 without PAA (User Space)
- Microsoft Windows 7 (64-bit) running on a Dell OptiPlex 745 with PAA (Kernel Space)
- Microsoft Windows 7 (64-bit) running on a Dell OptiPlex 745 with PAA (User Space)
- Microsoft Windows 7 (64-bit) running on a Dell OptiPlex 745 without PAA (Kernel Space)
- Microsoft Windows 7 (64-bit) running on a Dell OptiPlex 745 without PAA (User Space)
- UEFI Pre-boot (64-bit) running on a Apple MacBook Pro with PAA (single-user mode)
- UEFI Pre-boot (64-bit) running on a Apple MacBook Pro without PAA
Approved Algorithms
AES |
Cert. #2182 |
DRBG |
Cert. #255 |
HMAC |
Cert. #1336 |
RNG |
Cert. #1104 |
RSA |
Cert. #1125 |
SHS |
Cert. #1891 |
Triple-DES |
Cert. #1382 |
Triple-DES MAC |
Triple-DES Cert. #1382, vendor affirmed |
Other Algorithms
AES (Cert. #2182, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Blowfish; CAST-128; CAST-256; DES; MD5; PKCS#5; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (non-compliant);