Module Name
Symantec PGP Cryptographic Engine
Historical Reason
Moved to historical list due to sunsetting
Validation Dates
05/21/2015;07/06/2015
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-chip standalone
Description
The Symantec PGP Cryptographic Engine is a FIPS 140-2 validated software only cryptographic module. The module implements the cryptographic functions for Symantec Encryption products. It includes a wide range of field-tested and standards-based encryption, digital signature, and encoding algorithms as well as a variety of secure network protocol implementations.
Tested Configuration(s)
- Apple Mac OS X 10.7 with PAA running on Apple MacBook Pro
- Apple Mac OS X 10.7 without PAA running on Apple MacBook Pro
- Microsoft Windows 7 32-bit with PAA running on Dell M6600
- Microsoft Windows 7 32-bit without PAA running on Dell M6400
- Microsoft Windows 7 64-bit with PAA running on Dell M6600
- Microsoft Windows 7 64-bit without PAA running on Dell M6400
- Red Hat Enterprise Linux (RHEL) 6.2 32-bit with PAA running on Dell M6600
- Red Hat Enterprise Linux (RHEL) 6.2 32-bit without PAA running on Dell M6400
- Red Hat Enterprise Linux (RHEL) 6.2 64-bit with PAA running on Dell M6600
- Red Hat Enterprise Linux (RHEL) 6.2 64-bit without PAA running on Dell M6400 (single-user mode)
FIPS Algorithms
AES |
Certs. #2766, #2786, #2799, #2805, #2866, #2867, #2868, #2869, #2870 and #2871 |
CVL |
Certs. #240, #241, #248, #249, #302, #303, #304, #305, #306 and #307 |
DRBG |
Certs. #473, #474, #478, #479, #510, #511, #512, #513, #514 and #515 |
DSA |
Certs. #846, #847, #848, #849, #859, #860, #861, #862, #863 and #864 |
ECDSA |
Certs. #487, #488, #489, #490, #509, #510, #511, #512, #513 and #514 |
HMAC |
Certs. #1746, #1747, #1755, #1756, #1805, #1806, #1807, #1808, #1809 and #1810 |
RSA |
Certs. #1459, #1465, #1466, #1468, #1503, #1504, #1505, #1508, #1509 and #1510 |
SHS |
Certs. #2342, #2343, #2351, #2353, #2408, #2409, #2410, #2411, #2412 and #2413 |
Triple-DES |
Certs. #1675, #1676, #1683, #1684, #1711, #1712, #1713, #1714, #1715 and #1716 |
Other Algorithms
AES EME2 (non-compliant); AES PlumbCFB (non-compliant); AESMixCBC (non-compliant); MD5; RIPEMD160; MD2; KECCEK; RC2; ARC4; IDEA; CAST5; TwoFish; BlowFish; El Gamal; PBKDF2 (non-compliant); KBKDF (non-compliant); OpenPGP S2K Iterated salted; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)