Module Name
Cryptographic Module for Intel® Platforms' Security Engine Chipset
Historical Reason
Does not meet SP 800-56Arev3 requirements
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in Sections 2.3 and 9.1 for of the Security Policy. When entropy is externally loaded, no assurance of the minimum strength of generated keys
Module Type
Firmware-Hybrid
Embodiment
Multi-Chip Stand Alone
Description
The Cryptographic Module for Intel® CSE is a hardware-firmware hybrid module present on Intel® PCH platforms. The module performs crypto functions for CSE applications, including but are not limited to:
PTT (Platform Trust Technology), AMT (Active Management Technology), and DAL (Dynamic Application Loader).
Tested Configuration(s)
- Embedded customized proprietary OS running firmware version 14.0.30.1115 on Intel Comet Point PCH with Lakemont processor 3.6
Approved Algorithms
AES |
Cert. #C1463 |
CKG |
vendor affirmed |
CVL |
Cert. #C1463 |
DRBG |
Cert. #C1463 |
ECDSA |
Cert. #C1463 |
HMAC |
Cert. #C1463 |
KAS |
Cert. #C1463 |
KBKDF |
Cert. #C1463 |
KTS |
AES Cert. #C1463; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #C1463 and AES Cert. #C1463; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #C1463 and ECDSA Cert. #C1463; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #C1463 and HMAC Cert. #C1463; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #C1463 and RSA Cert. #C1463; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
vendor affirmed |
RSA |
Cert. #C1463 |
SHS |
Cert. #C1463 |