Cryptographic Module Validation Program CMVP

Certificate #2988

Details

Module Name
Citrix FIPS Cryptographic Module
Standard
FIPS 140-2
Status
Active
Sunset Date
8/9/2022
Validation Dates
08/10/2017;02/07/2019;08/23/2019
Overall Level
1
Caveat
When operated in FIPS Mode. No assurance of the minimum strength of generated keys
Security Level Exceptions
  • Mitigation of Other Attacks: N/A
Module Type
Software-Hybrid
Embodiment
Multi-Chip Stand Alone
Description
The Citrix FIPS Cryptographic Module is a software toolkit which provides various cryptographic functions to support the Citrix product portfolio.
Tested Configuration(s)
  • Android 4.4 running on a Google Nexus 5 (LG D820) with PAA
  • Android 5 running on a Google Nexus 6 (Motorola Nexus 6 XT11003) with PAA
  • Android 6 running on a Google Nexus 6 (Motorola Nexus 6 XT11003) with PAA
  • Android 6 running on a Samsung Galaxy S6 (SM-G920T) with PAA
  • Android 7 running on a Google Nexus 5X (LG H790) with PAA
  • Android 7 running on a Google Nexus 6 (Motorola Nexus 6 XT11003) with PAA
  • Android 8 64bit running on a Google Pixel 2 with ARM v8-A with PAA
  • Android 9 running on a Google Pixel 2 with ARM v8-A with PAA
  • FreeBSD 8.4 32bit running on a Citrix NetScaler MPX-14000-FIPS with PAA
  • FreeBSD 8.4 64bit running on a Citrix NetScaler MPX-14000-FIPS with PAA
  • iOS 10 64bit running on an Apple 12.9-inch iPad Pro (A1584) with PAA
  • iOS 11 running on an iPhone X with ARM v8-A with PAA
  • Linux 3.10 64bit running on a CyberPowerPC GLC2460 with Intel Core i7 [8th Generation] with PAA
  • Linux 3.13 64bit running on a Lenovo 20EV002JUS with PAA
  • Linux 3.16 on ESXi 5 64bit running on a HP ProLiant DL2000 with PAA
  • Linux 3.16 on Hyper-V on Windows Server 2012 R2 64bit running on a HP ProLiant DL2000 with PAA
  • Linux 3.16 on XenServer 6 64bit running on a Dell PowerEdge C6100 with PAA
  • Linux 4.15 64bit running on a CyberPowerPC GLC2460 with Intel Core i7 [8th Generation with PAA
  • Linux 4.15 64bit running on a HPE ProLiant BL460c Gen9 with Intel Xeon E5-26XX v3 with PAA
  • Linux 4.15 64bit running on a HPE Proliant BL460c Gen9 with Intel Xeon E5-26XX v4 series with PAA
  • Linux 4.x on ESXi 5 64bit running on a HPE ProLiant BL460c Gen9 with Intel Xeon E5-26XX v4 series with PAA
  • Linux 4.x on Hyper-V on Windows Server 2012 R2 64bit running on a HPE ProLiant BL460c Gen9 with Intel Xeon E5-26XX v4 series with PAA
  • Linux 4.x on XenServer 7 64bit running on a Dell PowerEdge R320 with Intel Xeon E5-24XX v2 series with PAA
  • Linux 4.x on XenServer 7 64bit running on a HPE ProLiant BL460c Gen9 with Intel Xeon E5-26XX v4 series with PAA
  • Mac OS X 10.12 64bit running on an Apple Macbook Pro (A1398) with PAA
  • Mac OS X 10.13 64bit running on an Apple Mac Mini with Intel Corei7 [4th Generation] with PAA
  • NoTouch Desktop running on an N-computing RX-HDX for Citrix with ARM v8-A with PAA
  • ViewSonic Thin OS running on a ViewSonic VS16585 with PAA
  • Windows 10 32bit running on a Lenovo 20CD00B2US with PAA
  • Windows 10 64bit running on a CyberPowerPC GLC2460 with Intel Core i7 [8th Generation] with PAA
  • Windows 10 64bit running on a Lenovo 20EV002JUS with PAA
  • Windows 8.1 64bit running on a CyberPowerPC GLC2460 with Intel Corei7 [8th Generation] with PAA
  • Windows Server 2016 on HyperV on Windows Server 2016 64bit running on a HPE ProLiant BL460c Gen9 with Intel Xeon E5-26XX v3 series with PAA
  • Windows Server 2016 on HyperV on Windows Server 2016 64bit running on HPE Proliant BL460c Gen9 with Intel Xeon E5-26XX v4 series with PAA (single-user mode)
FIPS Algorithms
AES Cert. #4397
CKG vendor affirmed
CVL Certs. #1101, #1102, #1103, #1104, #1105 and #1106
DRBG Cert. #1417
DSA Cert. #1174
ECDSA Cert. #1056
HMAC Cert. #2923
KAS SP 800-56A-rev2 with CVL Certs. #1101, #1102, #1103 and #1106, vendor affirmed
KAS SP 800-56B with CVL Certs. #1101, #1102, #1103 and #1104, vendor affirmed
KTS AES Cert. #4397; key establishment methodology provides between 128 and 256 bits of encryption strength
PBKDF vendor affirmed
RSA Cert. #2379
SHS Cert. #3626
Triple-DES Cert. #2371
Allowed Algorithms
MD5
Hardware Versions
ARM v8-A, ARM v7-A, Intel Core i7 4th Generation, Intel Core i7 6th Generation, Intel Core i7 8th Generation, Intel Xeon 5600 series, Intel Xeon E5-2400 v4 series, Intel Xeon E5-2600 v2 series, Intel Xeon E5-2600 v3 series and Intel Xeon E5-2600 v4 series
Software Versions
1.0, 1.0.1 and 1.0.2

Vendor

Citrix Systems, Inc.
851 Cypress Creek Road
Fort Lauderdale, FL 33309
USA

Ben Tucker
Ben.Tucker@citrix.com
Phone: 954-267-3094
Jon Andersen
jonathan.andersen@citrix.com
Phone: 954-940-7737

Lab

UL VERIFICATION SERVICES INC
NVLAP Code: 100432-0