Module Name
HYCU Cryptographic Library
Historical Reason
Moved to historical list due to sunsetting
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. No assurance of the minimum strength of generated keys. This validation entry is a non-security relevant modification to Cert. #2768
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
HYCU Cryptographic Library is a software library that provides cryptographic services to HYCU Data Protection for Nutanix, the only purpose-built data protection solution, built from the ground up with the Nutanix administrator in mind. The module provides FIPS 140 validated cryptographic algorithms for multiple services such as TLS and File Encryption.
Tested Configuration(s)
- Java SE Runtime Environment v7 (1.7.0) on Solaris 11 on vSphere 6 running on a Cisco UCSB-B200-M4 Blade
- Java SE Runtime Environment v8 (1.8.0) on Centos 6.4 on vSphere 6 running on a Cisco UCSB-B200-M4 Blade (single-user mode)
- Java SE Runtime Environment v8 (1.8.0) on Ubuntu 14.04 LTS on VMWare ESXi 6.0 running on a Simplicity OmniCube (single-user mode)
Approved Algorithms
| AES |
Cert. #3756 |
| CVL |
Certs. #704, #705 and #706 |
| DRBG |
Cert. #1031 |
| DSA |
Cert. #1043 |
| ECDSA |
Cert. #804 |
| HMAC |
Cert. #2458 |
| KAS |
Cert. #73 |
| KAS |
SP 800-56Arev2, vendor affirmed |
| KBKDF |
Cert. #78 |
| KTS |
vendor affirmed |
| KTS |
AES Cert. #3756; key establishment methodology provides between 128 and 256 bits of encryption strength |
| KTS |
Triple-DES Cert. #2090; key establishment methodology provides 112 bits of encryption strength |
| PBKDF |
Vendor affirmed |
| RSA |
Cert. #1932 |
| SHA-3 |
Cert. #3 |
| SHS |
Cert. #3126 |
| Triple-DES |
Cert. #2090 |
Allowed Algorithms
Diffie-Hellman (CVL Cert. #704, key agreement; key establishment methodology provides 112 bits of encryption strength); MD5; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength);
