Module Name
Attivo Cryptographic Provider
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Attivo Cryptographic Provider is a component of Attivo Networks’ products such as the Attivo Central Manager 200, BOTsink 3200, and BOTsink 5100. These products constitute the Attivo ThreatMatrix Deception and Response Platform which detects stolen credentials, ransomware, and targeted attacks within user networks, data centers, clouds, SCADA, and IoT environments by deceiving attackers into revealing themselves. The detections along with comprehensive attack analysis and actionable alerts empower accelerated incident response.
Tested Configuration(s)
- Open JDK 1.8 on CentOS 6.5 Intel 64-bit on ESXi 5.5.0 running on an Intel(R) Xeon(R) CPU E5-2620 v2 @ 2.10GHz system
Approved Algorithms
AES |
Cert. #4049 |
CVL |
Certs. #878, #879 and #1190 |
DRBG |
Cert. #1213 |
DSA |
Cert. #1095 |
ECDSA |
Cert. #908 |
HMAC |
Cert. #2644 |
KAS |
Cert. #90 |
KAS |
SP 800-56Arev2, vendor affirmed |
KBKDF |
Cert. #99 |
KTS |
vendor affirmed |
KTS |
AES Cert. #4049; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
Triple-DES Cert. #2215; key establishment methodology provides 112 bits of encryption strength |
PBKDF |
vendor affirmed |
RSA |
Cert. #2084 |
SHA-3 |
Cert. #9 |
SHS |
Cert. #3339 |
Triple-DES |
Cert. #2215 |
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); MD5; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)