Module Name

IBM(R) Security QRadar(R) Cryptographic Security Kernel

Standard

FIPS 140-2

Status

Active

Sunset Date

2/1/2021

Validation Dates

02/02/2016

Overall Level

1

Caveat

The module generates cryptographic keys whose strengths are modified by available entropy

Security Level Exceptions

• Roles, Services, and Authentication: Level 2
• Physical Security: N/A
• Mitigation of Other Attacks: N/A

Module Type

Software

Embodiment

Multi-Chip Stand Alone

Description

The IBM(R) Security QRadar(R) Cryptographic Security Kernel is multi-algorithm library providing general-purpose cryptographic services. The purpose of the module is to provide a single API for cryptographic functionality that can provide centralized control over FIPS-Approved mode status, provide availability of only FIPS-Approved algorithms or vendor-affirmed implementations of non FIPS-Approved algorithms, and provide for centralized logging and reporting of the cryptographic engine.

Tested Configuration(s)

• Red Hat Enterprise Linux (RHEL) v6.5 running on a IBM System X3650 M4 BD (single-user mode)

FIPS Algorithms

AES	Cert. #3131
CVL	Cert. #397
DRBG	Cert. #753
HMAC	Cert. #1981
RSA	Cert. #1686
SHS	Cert. #2600
Triple-DES	Cert. #1794

Other Algorithms

Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 202 bits of encryption strength); MD5; HMAC MD5; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)

Software Versions

7.2