Cryptographic Module Validation Program

Cryptographic Module Validation Program CMVP

Certificate #2218

Historical - The referenced cryptographic module should not be included by Federal Agencies in new procurements. Agencies may make a risk determination on whether to continue using this module based on their own assessment of where and how it is used.

Details

Module Name

Tripwire Cryptographic Module

Standard

FIPS 140-2

Status

Historical

Historical Reason

RNG SP800-131A Revision 1 Transition

Overall Level

Caveat

When operated in FIPS mode. No assurance of the minimum strength of generated keys

Security Level Exceptions

Physical Security: N/A
Design Assurance: Level 3
Mitigation of Other Attacks: N/A

Module Type

Software

Embodiment

Multi-chip standalone

Description

The Tripwire Cryptographic Module supports many FIPS approved cryptographic operations, providing other Tripwire products and Java-based applications access to these algorithms via the standard Java Cryptographic Extension (JCE) framework.

Tested Configuration(s)

Java SE Runtime Environment (build 1.6.0_33-b05) [JavaHotSpot 64-bit Server VM (build 20.8-b03 mixed mode)] on Windows 2008 Server R2 with SP1 (64-bit) running on a Dell Optiplex 9010 (single-user mode)
Java SE Runtime Environment (build 1.6.0_33-b05) [JavaHotSpot 64-bit Server VM (build 20.8-b03 mixed mode)] on Windows 2008 Server R2 with SP1 (64-bit) running on a Dell Optiplex 960

Approved Algorithms

AES	Cert. #2719
CVL	Cert. #176
DSA	Cert. #835
HMAC	Cert. #1698
RNG	Cert. #1260
RSA	Cert. #1414
SHS	Cert. #2284

Other Algorithms

MD5; HMAC-MD5; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)

Software Versions

2.0

Product URL

http://www.tripwire.com/fips

Vendor

Tripwire, Inc.
101 SW Main St.
Suite 1500
Portland, OR 97204
USA

Phone: 503-276-7500
Fax: 503-223-0182

Related Files

Security Policy
Consolidated Certificate

Validation History

Date	Type	Lab
8/7/2014	Initial	ÆGISOLVE