Module Name
Amazon Linux 2023 Kernel Cryptographic API
Caveat
Interim validation. When operated in approved mode. When installed, initialized and configured as specified in Section 11 of the Security Policy.
Security Level Exceptions
- Physical security: N/A
- Non-invasive security: N/A
- Mitigation of other attacks: N/A
- Documentation requirements: N/A
- Cryptographic module security policy: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Amazon Linux 2023 Kernel Cryptographic API provides cryptographic services to Linux kernel space software components and user space via the AF_ALG interface.
Tested Configuration(s)
- Amazon Linux 2023 on EC2 c6i.metal running on Intel Xeon Platinum 8375C with PAA
- Amazon Linux 2023 on EC2 c6i.metal running on Intel Xeon Platinum 8375C without PAA
- Amazon Linux 2023 on EC2 c7g.metal running on AWS Graviton3 with PAA
- Amazon Linux 2023 on EC2 c7g.metal running on AWS Graviton3 without PAA
- SnowOS 1.0 on AWS Snowball running on AMD EPYC 7702 with PAA
- SnowOS 1.0 on AWS Snowball running on AMD EPYC 7702 without PAA
- SnowOS 1.0 on AWS Snowblade running on Intel Xeon Gold 6314U with PAA
- SnowOS 1.0 on AWS Snowblade running on Intel Xeon Gold 6314U without PAA
- SnowOS 1.0 on AWS Snowcone running on Intel Atom C3558 with PAA
- SnowOS 1.0 on AWS Snowcone running on Intel Atom C3558 without PAA
Approved Algorithms
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
AES-XTS Testing Revision 2.0
Safe Primes Key Generation
Software Versions
kernel 6.1.41-64.118.amzn2023, 6.1.41-64.118.fips.amzn2023; libkcapi 1.4.0-105.amzn2023