Module Name
Cyphre Crypto Core
Historical Reason
SP 800-56Arev3 transition
Caveat
When operated in FIPS mode
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Module Type
Software Hybrid
Embodiment
Multi-Chip Stand Alone
Description
This OpenSSL library implementation provides services for the Cyphre Crypto Core appliance that enables the BlackTIE hardware cryptographic engine for all secure communication solutions, including but not limited to SSL/TLS, Data Protection, Encryption Gateways, PKI and Certificate/Key lifecycle management.
Tested Configuration(s)
- Ubuntu 16.04 LTS (Linux kernel 4.16.18) running on a Cyphre BlackTIE 1 Security Appliance with NXP QorIQ P4080 rev 3 processor (single-user mode)
Approved Algorithms
| AES |
Cert. #C609 |
| CVL |
Cert. #C609 |
| DRBG |
Cert. #C609 |
| ECDSA |
Cert. #C609 |
| HMAC |
Cert. #C609 |
| KTS |
AES Cert.#C609; key establishment methodology provides between 128 and 256 bits of encryption strength |
| KTS |
AES Cert. #C609 and HMAC Cert. #C609; key establishment methodology provides 128 or 256 bits of encryption strength |
| SHS |
Cert. #2109 |
Allowed Algorithms
EC Diffie-Hellman (CVL Cert. #C609 with CVL Cert. #C609, key agreement; key establishment methodology provides 128 or 192 bits of encryption strength); NDRNG
Hardware Versions
NXP QorIQ P4080 Rev3
Software Versions
OpenSSL-FIPS-Cyphre-v1.0
