Module Name
VMware Cryptographic Module
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys.
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-chip standalone
Description
The VMware Cryptographic Module is a software library providing FIPS 140-2 -approved cryptographic algorithms and services for protecting data-in-transit and data-at-rest on VMware products and platforms.
Tested Configuration(s)
- VMware vCloud Networking and Security 5.5.0a Edge OS on VMware vSphere Hypervisor (ESXi) 5.5 running on HP ProLiant DL380e Gen8 Server
- VMware vCloud Networking and Security 5.5.0a vShield Manager OS (VMware vCloud Networking and Security 5.5.0a App Firewall OS) on VMware vSphere Hypervisor (ESXi) 5.5 running on HP ProLiant DL380e Gen8 Server (single-user mode)
Other Algorithms
RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 and 128 bits of encryption strength; non-compliant less than 112 bits of encryption strength); ECDSA (non-compliant); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength)