Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #4675

Details

Module Name
ExtraHop Cryptographic Module
Standard
FIPS 140-3
Status
Active
Sunset Date
1/29/2029
Overall Level
1
Caveat
When operated in approved mode. No assurance of the minimum strength of generated SSPs (e.g., keys)
Security Level Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The ExtraHop Cryptographic Module 2.0 is a cryptographic library embedded in the ExtraHop Reveal(x) 360 application software. The ExtraHop Cryptographic Module 2.0 offers symmetric encryption/decryption, digital signature generation/verification, hashing, cryptographic key generation, random number generation, message authentication, and key establishment functions to secure data-at-rest/data-in-flight and to support secure communications protocols (including SSH and TLS 1.2/1.3).
Tested Configuration(s)
  • Debian 9 running on a Dell PowerEdge R440 with an Intel® Xeon Silver 4214R with PAA
  • Debian 9 running on a Dell PowerEdge R440 with an Intel® Xeon Silver 4214R without PAA
Approved Algorithms
AES-CBC
A4978
AES-CCM
A4978
AES-CFB1
A4978
AES-CFB128
A4978
AES-CFB8
A4978
AES-CMAC
A4978
AES-CTR
A4978
AES-ECB
A4978
AES-GCM
A4978
AES-GMAC
A4978
AES-KW
A4978
AES-KWP
A4978
AES-OFB
A4978
AES-XTS
A4978
Counter DRBG
A4978
DSA KeyGen (FIPS186-4)
A4978
DSA PQGGen (FIPS186-4)
A4978
DSA PQGVer (FIPS186-4)
A4978
DSA SigGen (FIPS186-4)
A4978
DSA SigVer (FIPS186-4)
A4978
ECDSA KeyGen (FIPS186-4)
A4978
ECDSA KeyVer (FIPS186-4)
A4978
ECDSA SigGen (FIPS186-4)
A4978
ECDSA SigVer (FIPS186-4)
A4978
HMAC-SHA-1
A4978
HMAC-SHA2-224
A4978
HMAC-SHA2-256
A4978
HMAC-SHA2-384
A4978
HMAC-SHA2-512
A4978
HMAC-SHA3-224
A4978
HMAC-SHA3-256
A4978
HMAC-SHA3-384
A4978
HMAC-SHA3-512
A4978
KAS-ECC-SSC Sp800-56Ar3
A4978
KAS-FFC-SSC Sp800-56Ar3
A4978
KDA HKDF SP800-56Cr2
A4978
KDF SSH
A4978
KDF TLS
A4978
PBKDF
A4978
RSA KeyGen (FIPS186-4)
A4978
RSA SigGen (FIPS186-4)
A4978
RSA SigVer (FIPS186-4)
A4978
SHA-1
A4978
SHA2-224
A4978
SHA2-256
A4978
SHA2-384
A4978
SHA2-512
A4978
SHA3-224
A4978
SHA3-256
A4978
SHA3-384
A4978
SHA3-512
A4978
SHAKE-128
A4978
SHAKE-256
A4978
TDES-CBC
A4978
TDES-CFB1
A4978
TDES-CFB64
A4978
TDES-CFB8
A4978
TDES-CMAC
A4978
TDES-ECB
A4978
TDES-OFB
A4978
TLS v1.2 KDF RFC7627
A4978
TLS v1.3 KDF
A4979
Allowed Algorithms
AES (Cert. A4978, key unwrapping. Per IG D.G.; Symmetric key unwrapping);RSA ( Cert. A4978, key unencapsulation. Per IG D.G.; Asymmetric key unencapsulation);SHA-1 ( Cert. A4978, secure hashing.; Digital signature generation in TLS v1.0/1.1);Triple-DES ( Cert. A4978, key unwrapping. Per IG D.G.; Symmetric key unwrapping)
Software Versions
2.0

Vendor

ExtraHop Networks, Inc.
520 Pike St.
Suite 1600
Seattle, WA 98101
USA

ExtraHop Certification Team
certification-team@extrahop.com
Phone: 877-333-9872

Related Files

Security Policy
Consolidated Certificate

Validation History

Date Type Lab
1/30/2024 Initial Lightship Security, Inc.