Module Name
Security Module with CP/Q++
Historical Reason
Validation Sunsetting Policy - FIPS 140-1 Certificate
Caveat
When operated in FIPS mode
Security Level Exceptions
Embodiment
Multi-chip embedded
Description
The Security Module with CP/Q++ is the security-sensitive portion of the IBM 4758
Cryptographic Coprocessor. The Security Module is a tamper-responding, programmable module containing a CPU, encryption hardware, RAM, EEPROM, hardware random number generator, time of day clock, and firmware. The CP/Q++ control program provides basic services Coprocessor applications use for cryptographic and secure-storage processing. The validation affirms a secure environment in which to implement or extend an application program requiring secure storage, cryptographic capabilities, and processing integrity. The Coprocessor is available for use in typical PC servers and as features in IBM eServer iSeries, pSeries, and zSeries servers.
Approved Algorithms
| DSA |
Cert. #68 |
| DSA/SHA-1 |
Cert. #34 |
| RSA |
FIPS 186-2, vendor affirmed |
| SHA-1 |
Cert. #107 |
| Triple-DES |
Certs. #4 and #124 |
Other Algorithms
DES (Certs. #86 and #178); OAEP; RSA (ISO 9796)
Hardware Versions
P/N 04K9036, EC CF75600M
Firmware Versions
Miniboot 0 Version A, Miniboot 1 Version A, CP/Q++ 2.41
