Module Name
Harmony Endpoint FDE and MEPP CryptoCore
Caveat
When operated in FIPS mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
- Physical Security: N/A
- EMI/EMC: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Check Point CryptoCore is a 140-2 Level 1 cryptographic module for Windows 10 and macOS Sierra. The module provides cryptographic services accessible in kernel mode and user mode on the respective platforms through implementation of platform specific binaries.
Tested Configuration(s)
- macOS Sierra 10.12 (64-bit) running on an Apple MacBook Pro with an Intel Core i7-3540M with PAA (Kernel Space)
- macOS Sierra 10.12 (64-bit) running on an Apple MacBook Pro with an Intel Core i7-3540M with PAA (User Space)
- macOS Sierra 10.12 (64-bit) running on an Apple MacBook Pro with an Intel Core i7-3540M without PAA (Kernel Space) (single-user mode)
- macOS Sierra 10.12 (64-bit) running on an Apple MacBook Pro with an Intel Core i7-3540M without PAA (User Space)
- Microsoft Windows 10 Anniversary Update (64-bit) running on a Lenovo Thinkpad with an Intel Core i5-3210M with PAA (Kernel Space, VS2008)
- Microsoft Windows 10 Anniversary Update (64-bit) running on a Lenovo Thinkpad with an Intel Core i5-3210M with PAA (User Space, VS2008)
- Microsoft Windows 10 Anniversary Update (64-bit) running on a Lenovo Thinkpad with an Intel Core i5-3210M without PAA (Kernel Space, VS2008)
- Microsoft Windows 10 Anniversary Update (64-bit) running on a Lenovo Thinkpad with an Intel Core i5-3210M without PAA (User Space, VS2008)
- Microsoft Windows 10 Anniversary Update (64-bit) running on a Lenovo X1 Carbon with an Intel Core-i7-7500U with PAA (User Space, VS2017)
- Microsoft Windows 10 Anniversary Update (64-bit) running on a Lenovo X1 Carbon with an Intel Core-i7-7500U without PAA (User Space, VS2017)
Approved Algorithms
AES |
Cert. #4112 |
DRBG |
Cert. #1238 |
HMAC |
Cert. #2687 |
KTS |
AES Cert. #4112; key establishment methodology provides between 128 and 256 bits of encryption strength |
RSA |
Cert. #2225 |
SHA-3 |
Cert. #7 |
SHS |
Cert. #3385 |
Triple-DES |
Cert. #2247 |
Triple-DES MAC |
Triple-DES Cert. #2247, vendor affirmed |
Other Algorithms
RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength)