Module Name
Vormetric Data Security Manager Module
Historical Reason
SP 800-56Arev3 transition
Caveat
When Operated in FIPS mode. The protocol SSH shall not be used when operated in FIPS mode.
Security Level Exceptions
- Roles, Services, and Authentication: Level 3
- Cryptographic Key Management: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Vormetric Data Security Server is a multi-chip standalone cryptographic module. The Vormetric Data Security Server is the central point of management for the Vormetric Data Security product. It manages keys and policies, and controls Vormetric Transparent Encryption Agents. These agents contain the Vormetric Encryption Expert Cryptographic Module, which has been validated separately from this module.
Approved Algorithms
| AES |
Certs. #4845 and #5535 |
| CKG |
vendor affirmed |
| CVL |
Certs. #1481 and #1978 |
| DRBG |
Cert. #1702 |
| ECDSA |
Cert. #1239 |
| HMAC |
Certs. #3245 and #3687 |
| KTS |
AES Cert. #4845 and HMAC Cert. #3245; key establishment methodology provides 128 or 256 bits of
encryption strength |
| KTS |
AES Cert. #5535 |
| RSA |
Certs. #2663 and #2969 |
| SHS |
Certs. #3986 and #4442 |
Allowed Algorithms
EC Diffie-Hellman (CVL Certs. #1481 and #1978, key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
