Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #3541

Details

Module Name
Nutanix Cryptographic Module for BoringSSL
Standard
FIPS 140-2
Status
Historical
 Historical Reason
SP 800-56Arev3 transition
Overall Level
1
Caveat
The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Nutanix Cryptographic Module for BoringSSL is a suite of FIPS Approved algorithms used for TLS and other cryptographic functions.
Tested Configuration(s)
  • CentOS 7.5 running on Nutanix NX-3360-G6 with an Intel Xeon 4116 with PAA (clang Compiler Version 6.0.1)
  • CentOS 7.5 running on Nutanix NX-3360-G6 with an Intel Xeon 4116 without PAA (clang Compiler Version 6.0.1)
  • CentOS 7.9 on Nutanix AHV Hypervisor v7.0 running on Nutanix NX-3060-G7 Appliance with an Intel® Xeon® Gold 6234 with PAA (clang Compiler Version 6.0.1)
  • CentOS 7.9 on Nutanix AHV Hypervisor v7.0 running on Nutanix NX-3060-G7 Appliance with an Intel® Xeon® Gold 6234 without PAA (clang Compiler Version 6.0.1)
  • Debian Linux 4.9.0 running on Intel Xeon E5-2680 with PAA (clang Compiler Version 6.0.1)
  • Debian Linux 4.9.0 running on Intel Xeon E5-2680 without PAA (clang Compiler Version 6.0.1)
  • Ubuntu Linux 18.04 running on POWER9 with PAA (clang Compiler Version 6.0.1)
  • Ubuntu Linux 18.04 running on POWER9 without PAA (clang Compiler Version 6.0.1) (single-user mode)
Approved Algorithms
AES Certs. #5612, #C1256 and #A1229
CKG vendor affirmed
CVL Certs. #2033, #2034, #2035, #C1256 and #A1229
DRBG Certs. #2253, #C1256 and #A1229
ECDSA Certs. #1520, #C1256 and #A1229
HMAC Certs. #3743, #C1256 and #A1229
KTS AES Certs. #5612, #C1256 and #A1129; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Certs. #3020, #C1256 and #A1229
SHS Certs. #4509, #C1256 and #A1229
Triple-DES Certs. #2825, #C1256 and #A1229
Allowed Algorithms
EC Diffie-Hellman (CVL Certs. #2033, #2035, #C1256 and #A1229; key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
Software Versions
66005f41fbc3529ffe8d007708756720529da20d

Vendor

Nutanix, Inc.
1740 Technology Drive
Suite 150
San Jose, CA 95110
USA

Matt Keller
[email protected]
 Ashutosh Pangasa
[email protected]

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
10/1/2019 Initial Acumen Security
11/14/2019 Update Acumen Security
5/26/2020 Update Acumen Security
6/2/2021 Update Acumen Security