Cryptographic Module Validation Program CMVP

Certificate #2788

Details

Module Name
Check Point CryptoCore
Standard
FIPS 140-2
Status
Active
Sunset Date
11/6/2021
Validation Dates
11/07/2016;07/16/2019
Overall Level
1
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
  • Physical Security: N/A
  • EMI/EMC: Level 3
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Check Point CryptoCore is a 140-2 Level 1 cryptographic module for Windows 10 and macOS Sierra. The module provides cryptographic services accessible in kernel mode and user mode on the respective platforms through implementation of platform specific binaries.
Tested Configuration(s)
  • Microsoft Windows 10 Anniversary Update (64-bit) running on a Lenovo Thinkpad with PAA (User Space, VS2008), Microsoft Windows 10 Anniversary Update (64-bit) running on a Lenovo Thinkpad without PAA (User Space, VS2008), Microsoft Windows 10 Anniversary Update (64-bit) running on a Lenovo X1 Carbon with PAA (User Space, VS2017), Microsoft Windows 10 Anniversary Update (64-bit) running on a Lenovo X1 Carbon without PAA (User Space, VS2017), Microsoft Windows 10 Anniversary Update (64-bit) running on a Lenovo Thinkpad with PAA (Kernel Space, VS2008), Microsoft Windows 10 Anniversary Update (64-bit) running on a Lenovo Thinkpad without PAA (Kernel Space, VS2008), macOS Sierra 10.12 (64-bit) running on an Apple MacBook Pro with PAA (User Space), macOS Sierra 10.12 (64-bit) running on an Apple MacBook Pro without PAA (User Space), macOS Sierra 10.12 (64-bit) running on an Apple MacBook Pro with PAA (Kernel Space), macOS Sierra 10.12 (64-bit) running on an Apple MacBook Pro without PAA (Kernel Space) (single-user mode)
FIPS Algorithms
AES Cert. #4112
DRBG Cert. #1238
HMAC Cert. #2687
KTS AES Cert. #4112; key establishment methodology provides between 128 and 256 bits of encryption strength
PBKDF vendor affirmed
RSA Cert. #2225
SHA-3 Cert. #7
SHS Cert. #3385
Triple-DES Cert. #2247
Triple-DES MAC Triple-DES Cert. #2247, vendor affirmed
Other Algorithms
NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Blowfish; CAST-128; CAST-256; DES; MD5
Software Versions
4.0

Vendor

Check Point Software Technologies Ltd.
2101 Gaither Road
Suite 350
Rockville, MD 20850
USA

Malcom Levy
mlevy@checkpoint.com
Phone: +972-37534561
Fax: 732-416-1370

Lab

Leidos Accredited Testing & Evaluation (AT&E) Labs (formerly SAIC)
NVLAP Code: 200427-0