Module Name
HP-UX Kernel Cryptographic Module
Caveat
When installed, initialized and configured as specified in Section 3 of the Security Policy. When operated in FIPS mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-chip standalone
Description
HP-UX Kernel Crypto Module (HP-UX KCM) is a kernel-space crypto engine in the HP-UX operating system containing core cryptographic algorithms and operations in a single shared library. It implements asymmetric, symmetric, and digest operations that are used by HP-UX security solutions. HP-UX KCM is available on HP-UX 11i v3 operating system on the HPE Integrity Platform and the HPE Portable HP-UX Platform.
Tested Configuration(s)
- HP-UX 11i v3 on HPE Portable HP-UX on Red Hat Enterprise Linux Server 7.5 (x86-64) running on an HPE ProLiant DL580 Gen10 with an Intel Xeon Gold 6146 (single user mode)
- HP-UX 11i v3 running on an HPE Integrity BL860c i2 server blade with an Intel Itanium Processor 9350
- HP-UX 11i v3 running on an HPE Integrity BL890c i6 server blade with an Intel Itanium Processor 9740
Approved Algorithms
| AES |
Cert. #2488 |
| CKG |
vendor affirmed |
| DRBG |
Cert. #346 |
| HMAC |
Cert. #1530 |
| RSA |
Cert. #1277 |
| SHS |
Cert. #2106 |
Other Algorithms
RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
