U.S. flag   An official website of the United States government
Dot gov

Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Https

Secure .gov websites use HTTPS
A lock (Dot gov) or https:// means you've safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4158

Details

Module Name
Cryptographic Module for IntelĀ® Converged Security and Manageability Engine (CSME)
Standard
FIPS 140-2
Status
Active
Sunset Date
9/21/2026
Overall Level
1
Caveat
When operated in FIPS mode
Module Type
Hybrid
Embodiment
Multi-Chip Stand Alone
Description
The Cryptographic Module for IntelĀ® Converged Security and Manageability Engine(CSME) (hereafter referred to as 'the module') is classified as a multiple-chip standalone firmware-hybrid module for FIPS 140-2 purpose. The module consists of both hardware and firmware. The hardware portion is the Converged Security Engine (CSE) and the firmware portion is the crypto driver process of the Manageability Engine (ME). The two portions form the logical cryptographic boundary and they combine as Converged Security and Manageability Engine (CSME) to perform cryptographic functions within the Cannon Point PCH applications executing on the CSME.
Tested Configuration(s)
  • embedded IA-32 dedicated to support the functionality of the CSME firmware version 12.0.70.1652 running on Cannon Point PCH with Intel Whiskey Lake with device firmware version 12.0.70.1652
  • embedded IA-32 dedicated to support the functionality of the CSME firmware version 12.0.70.1652 running on Intel Cannon Point PCH with Intel Coffee Lake with device firmware version 12.0.70.1652
FIPS Algorithms
AES Certs. #C1769 and #C1770
CVL Certs. #C1769 and #C1770
DRBG Certs. #C1769 and #C1770
ECDSA Certs. #C1769 and #C1770
ENT P
HMAC Certs. #C1769 and #C1770
KAS-SSC Cert. #A688
KBKDF Certs. #C1769 and #C1770
KTS AES Certs. #C1769 and #C1770; key establishment methodology provides 128 or 256 bits of encryption strength
KTS vendor affirmed; key establishment methodology provides 112 bits of encryption strength
PBKDF vendor affirmed
RSA Certs. #C1769 and #C1770
SHS Certs. #C1769 and #C1770
Allowed Algorithms
N/A
Hardware Versions
3.0
Firmware Versions
12.0.70.1652

Vendor

Intel Corporation
2200 Mission College Blvd.
Santa Clara, CA 95054
USA

Prashant Madhukar
prashant.madhukar@intel.com
Phone: 408-765-2996

Validation History

Date Type Lab
2/17/2022 Initial ATSEC INFORMATION SECURITY CORP