Module Name
CLEAR Cryptosystem
Caveat
When installed, initialized and configured as specified in the Security Policy Section 3 and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
Embodiment
Multi-Chip Stand Alone
Description
CLEAR Cryptosystem is a standards-based cryptographic engine that enables the protection of data requiring absolute compliance with federal standards. The module delivers core cryptographic functions for boosting the strength and speed of cryptographic protection while guaranteeing data integrity, data at rest encryption, and streaming data transmissions. CLEAR Cryptosystem provides flexible modes of operation that include multi-factor authentication (MFA) and embedded access control lists (ACL) for controlled access to data.
Tested Configuration(s)
- VMware Photon OS 2.0 with JDK 11 on VMware ESXi 6.7 running on Dell PowerEdge R830 with Intel Xeon E5 (single-user mode)
Approved Algorithms
AES |
Cert. #A2720 |
CKG |
vendor affirmed |
CVL |
Cert. #A2720 |
DRBG |
Cert. #A2720 |
DSA |
Cert. #A2720 |
ECDSA |
Cert. #A2720 |
HMAC |
Cert. #A2720 |
KAS-SSC |
vendor affirmed |
KBKDF |
Cert. #A2720 |
KTS |
AES Cert. #A2720; key establishment methodology provides between 128 and 256 bits of encryption strength |
KTS |
vendor affirmed |
KTS |
Triple-DES Cert. #A2720; key establishment methodology provides 112 bits of encryption strength |
PBKDF |
vendor affirmed |
RSA |
Cert. #A2720 |
SHA-3 |
Cert. #A2720 |
SHA-3-Customized |
SHA-3 Cert. #A2720, vendor affirmed |
SHS |
Cert. #A2720 |
Triple-DES |
Cert. #A2720 |
Allowed Algorithms
NDRNG; MD5; RSA (key wrapping; key establishment methodology provides between 150 and 256 bits of encryption strength)
Software Versions
3.0.2.1