Module Name
Secure Boot Processor (SBP) Crypto Engine
Caveat
When operated in FIPS mode.
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Description
The Secure Boot Processor operates a secure enclave within the Fungible DPU, and implements a hardware rooted chain of trust for authenticating all software, firmware and configuration files used in the DPU. The SBP also manages a number of asymmetric key cryptography accelerators within the enclave, and implements APIs for invoking these accelerators. The APIs are used by the DPU operating system (FunOS) modules to offload public key cryptography operations.
Tested Configuration(s)
- Fungible F1 rev A0
- Fungible S1 rev A0
Approved Algorithms
| AES |
Certs. #A2318, #A2321, #A2322 and #A2323 |
| CKG |
vendor affirmed |
| CVL |
Certs. #A2342, #A2349 and #A2350 |
| DRBG |
Cert. #A2342 |
| DSA |
Certs. #A2349 and #A2350 |
| ECDSA |
Certs. #A2349 and #A2350 |
| ENT |
P |
| HMAC |
Certs. #A2319 and #A2320 |
| KAS-SSC |
Certs. #A2349 and #A2350 |
| KBKDF |
Cert. #A2342 |
| KTS |
AES Certs. #A2318 and #A2323; key establishment methodology provides 128 bits of encryption strength |
| KTS-RSA |
Certs. #A2349 and #A2350; key establishment methodology provides between 112 and 150 bits of encryption strength |
| RSA |
Certs. #A2349 and #A2350 |
| SHS |
Certs. #A2319 and #A2320 |
Hardware Versions
F1 1.0.0 and S1 1.0.1
Firmware Versions
95b53165a1
