Module Name
ExtraHop Cryptographic Module
Caveat
When operated in approved mode. No assurance of the minimum strength of generated SSPs (e.g., keys)
Security Level Exceptions
- Physical security: N/A
- Non-invasive security: N/A
- Mitigation of other attacks: N/A
- Documentation requirements: N/A
- Cryptographic module security policy: N/A
Embodiment
Multi-Chip Stand Alone
Description
The ExtraHop Cryptographic Module 2.0 is a cryptographic library embedded in the ExtraHop Reveal(x) 360 application software. The ExtraHop Cryptographic Module 2.0 offers symmetric encryption/decryption, digital signature generation/verification, hashing, cryptographic key generation, random number generation, message authentication, and key establishment functions to secure data-at-rest/data-in-flight and to support secure communications protocols (including SSH and TLS 1.2/1.3).
Tested Configuration(s)
- Debian 9 running on a Dell PowerEdge R440 with an Intel® Xeon Silver 4214R with PAA
- Debian 9 running on a Dell PowerEdge R440 with an Intel® Xeon Silver 4214R without PAA
Allowed Algorithms
AES (Cert. A4978, key unwrapping. Per IG D.G.; Symmetric key unwrapping);RSA ( Cert. A4978, key unencapsulation. Per IG D.G.; Asymmetric key unencapsulation);SHA-1 ( Cert. A4978, secure hashing.; Digital signature generation in TLS v1.0/1.1);Triple-DES ( Cert. A4978, key unwrapping. Per IG D.G.; Symmetric key unwrapping)