Module Name
VMware Kernel Cryptographic Module
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode with VMware NSS Cryptographic Module validated to FIPS 140-2 under Cert. #2155 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-chip standalone
Description
The VMware Kernel Cryptographic Module is a flexible software library providing FIPS-140-2 approved cryptographic operations for VMware products and platforms.
Tested Configuration(s)
- VMware vCloud Networking and Security 5.5.0a Edge OS on VMware vSphere Hypervisor (ESXi) 5.5 running on HP ProLiant DL380e Gen8 Server with PAA
- VMware vCloud Networking and Security 5.5.0a Edge OS on VMware vSphere Hypervisor (ESXi) 5.5 running on HP ProLiant DL380e Gen8 Server without PAA (single-user mode)
Other Algorithms
DES; Triple-DES (non-compliant); AES-GCM (non-compliant); AES-CCM (non-compliant); AES-XTS (192 bit key; non-compliant); SHA-[384 and 512] (non-compliant); HMAC-SHA-[384 and 512] (non-compliant); RNG (X9.31 with stdrng; non-compliant)