Module Name
Cocoon Data Content Crypto Service
Historical Reason
Moved to historical list due to sunsetting
Caveat
When installed, initialized and configured as specified in the Security Policy Section 8 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
Embodiment
Multi-Chip Stand Alone
Description
The Cocoon Data Platform implements the FIPS-197 standard Advanced Encryption Standard (AES) with 256-bit key sizes (AES-256) for encryption and decryption. These keys are used with a cryptographic algorithm to encrypt and decrypt content. The cryptographic keys are generated by the secure pseudo random number generator algorithm.
Tested Configuration(s)
- Ubuntu 20.04 with JDK 8 running on Dell PowerEdge R380 with Intel Xeon E3-1230v6 [3]
- Vmware Photon OS 2.0 with JDK 11 on Vmware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5 [1], [2], [3]
- Vmware Photon OS 2.0 with JDK 7 on Vmware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5 [1], [2], [3]
- Vmware Photon OS 2.0 with JDK 8 on Vmware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5 [1], [2], [3] (single-user mode)
Approved Algorithms
AES |
Certs. #A1641, #A2113, #A2605 and #C2204 |
CKG |
vendor affirmed |
CVL |
Certs. #A1641, #A2113, #A2605 and #C2204 |
DRBG |
Certs. #A1641, #A2113, #A2605 and #C2204 |
DSA |
Cert. #A2605,#A2113,#A1641 and #C2204 |
ECDSA |
Certs. #A1641, #A2113, #A2605 and #C2204 |
HMAC |
Certs. #A1641, #A2113, #A2605 and #C2204 |
KAS-SSC |
vendor affirmed |
KBKDF |
Certs. #A1641, #A2113, #A2605 and #C2204 |
KTS |
AES Certs. #A1641, #A2113, #A2605 and #C2204; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
vendor affirmed |
KTS |
Triple-DES Certs. #A1641, #A2113, #A2605 and #C2204; key establishment methodology provides 112 bits of encryption strength |
PBKDF |
vendor affirmed |
RSA |
Certs. #A1641, #A2113, #A2605 and #C2204 |
SHA-3 |
Certs. #A1641, #A2113, #A2605 and #C2204 |
SHA-3-Customized |
SHA-3 Certs. #A1641, #A2113, #A2605 and #C2204, vendor affirmed |
SHS |
Certs. #A1641, #A2113, #A2605 and #C2204 |
Triple-DES |
Certs. #A1641, #A2113, #A2605 and #C2204 |
Allowed Algorithms
NDRNG; RSA (CVL Certs. #A1641, #A2113, #A2605 and #C2204, key wrapping; key establishment methodology provides between 150 and 256 bits of encryption strength)
Software Versions
1.0.2.1 [1], 1.0.2.2 [2] and 1.0.2.3 [3]