Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

Cryptographic Module Validation Program CMVP

Certificate #4808

Details

Module Name
Amazon Linux 2023 Kernel Cryptographic API
Standard
FIPS 140-3
Status
Active
Sunset Date
9/22/2026
Overall Level
1
Caveat
Interim validation. When operated in approved mode. When installed, initialized and configured as specified in Section 11 of the Security Policy.
Security Level Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The Amazon Linux 2023 Kernel Cryptographic API provides cryptographic services to Linux kernel space software components and user space via the AF_ALG interface.
Tested Configuration(s)
  • Amazon Linux 2023 on EC2 c6i.metal running on Intel Xeon Platinum 8375C with PAA
  • Amazon Linux 2023 on EC2 c6i.metal running on Intel Xeon Platinum 8375C without PAA
  • Amazon Linux 2023 on EC2 c7g.metal running on AWS Graviton3 with PAA
  • Amazon Linux 2023 on EC2 c7g.metal running on AWS Graviton3 without PAA
  • SnowOS 1.0 on AWS Snowball running on AMD EPYC 7702 with PAA
  • SnowOS 1.0 on AWS Snowball running on AMD EPYC 7702 without PAA
  • SnowOS 1.0 on AWS Snowblade running on Intel Xeon Gold 6314U with PAA
  • SnowOS 1.0 on AWS Snowblade running on Intel Xeon Gold 6314U without PAA
  • SnowOS 1.0 on AWS Snowcone running on Intel Atom C3558 with PAA
  • SnowOS 1.0 on AWS Snowcone running on Intel Atom C3558 without PAA
Approved Algorithms
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CBC-CS3
AES-CCM
AES-CCM
AES-CCM
AES-CCM
AES-CCM
AES-CFB128
AES-CFB128
AES-CFB128
AES-CFB128
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-CMAC
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-CTR
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-ECB
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GCM
AES-GMAC
AES-GMAC
AES-GMAC
AES-GMAC
AES-KW
AES-KW
AES-KW
AES-KW
AES-OFB
AES-OFB
AES-OFB
AES-OFB
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
Counter DRBG
ECDSA KeyGen (FIPS186-4)
Hash DRBG
Hash DRBG
Hash DRBG
Hash DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC DRBG
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA-1
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-224
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-256
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-384
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA2-512
HMAC-SHA3-224
HMAC-SHA3-224
HMAC-SHA3-256
HMAC-SHA3-256
HMAC-SHA3-384
HMAC-SHA3-384
HMAC-SHA3-512
HMAC-SHA3-512
KAS-ECC-SSC Sp800-56Ar3
KAS-FFC-SSC Sp800-56Ar3
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
RSA SigVer (FIPS186-4)
Safe Primes Key Generation
SHA-1
SHA-1
SHA-1
SHA-1
SHA-1
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-224
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-256
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-384
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA2-512
SHA3-224
SHA3-224
SHA3-256
SHA3-256
SHA3-384
SHA3-384
SHA3-512
SHA3-512
Software Versions
kernel 6.1.41-64.118.amzn2023, 6.1.41-64.118.fips.amzn2023; libkcapi 1.4.0-105.amzn2023

Vendor

Amazon Web Services, Inc.
1918 8th Ave
Seattle, WA 98101
USA

Amazon Linux Security
aws-fips-external@amazon.com
Phone: 000-000-0000

Validation History

Date Type Lab
9/23/2024 Initial ATSEC INFORMATION SECURITY CORP