Official websites use .gov
A .gov website belongs to an official government organization in the United States.

Secure .gov websites use HTTPS
A lock ( ) or https:// means you’ve safely connected to the .gov website. Share sensitive information only on official, secure websites.

    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #5126

Details

Module Name
CLEAR Cryptosystem
Standard
FIPS 140-3
Status
Active
Sunset Date
7/28/2029
Overall Level
1
Caveat
When operated in approved mode. No assurance of the minimum strength of generated SSPs (e.g., keys).
Security Level Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
CLEAR Cryptosystem is a standards-based cryptographic engine that enables the protection of data requiring absolute compliance with federal standards. The module delivers core cryptographic functions for boosting the strength and speed of cryptographic protection while guaranteeing data integrity, data at rest encryption, and streaming data transmissions. CLEAR Cryptosystem provides flexible modes of operation that include multi-factor authentication (MFA) and embedded access control lists (ACL) for controlled access to data.
Tested Configuration(s)
  • OpenJDK Runtime Environment v11 on VMware Photon OS 5.0 on VMware ESXi 8.0 running on Dell PowerEdge R830 with Intel Xeon E5 without PAA
  • OpenJDK Runtime Environment v17 on VMware Photon OS 5.0 on VMware ESXi 8.0 running on Dell PowerEdge R830 with Intel Xeon E5 without PAA
  • OpenJDK Runtime Environment v21 on VMware Photon OS 5.0 on VMware ESXi 8.0 running on Dell PowerEdge R830 with Intel Xeon E5 without PAA
  • OpenJDK Runtime Environment v8 on VMware Photon OS 5.0 on VMware ESXi 8.0 running on Dell PowerEdge R830 with Intel Xeon E5 without PAA
Approved Algorithms
AES-CBC
A6047
AES-CBC-CS1
A6047
AES-CBC-CS2
A6047
AES-CBC-CS3
A6047
AES-CCM
A6047
AES-CFB128
A6047
AES-CFB8
A6047
AES-CMAC
A6047
AES-CTR
A6047
AES-ECB
A6047
AES-FF1
A6047
AES-GCM
A6047
AES-GMAC
A6047
AES-KW
A6047
AES-KWP
A6047
AES-OFB
A6047
Counter DRBG
A6047
cSHAKE-128
A6047
cSHAKE-256
A6047
DSA KeyGen (FIPS186-4)
A6047
DSA PQGGen (FIPS186-4)
A6047
DSA PQGVer (FIPS186-4)
A6047
DSA SigGen (FIPS186-4)
A6047
DSA SigVer (FIPS186-4)
A6047
ECDSA KeyGen (FIPS186-4)
A6047
ECDSA KeyVer (FIPS186-4)
A6047
ECDSA SigGen (FIPS186-4)
A6047
ECDSA SigVer (FIPS186-4)
A6047
Hash DRBG
A6047
HMAC DRBG
A6047
HMAC-SHA-1
A6047
HMAC-SHA2-224
A6047
HMAC-SHA2-256
A6047
HMAC-SHA2-384
A6047
HMAC-SHA2-512
A6047
HMAC-SHA2-512/224
A6047
HMAC-SHA2-512/256
A6047
HMAC-SHA3-224
A6047
HMAC-SHA3-256
A6047
HMAC-SHA3-384
A6047
HMAC-SHA3-512
A6047
KAS-ECC Sp800-56Ar3
A6047
KAS-FFC Sp800-56Ar3
A6047
KAS-IFC
A6047
KDA HKDF SP800-56Cr2
A6047
KDA OneStep SP800-56Cr2
A6047
KDA TwoStep SP800-56Cr2
A6047
KDF ANS 9.63
A6047
KDF IKEv2
A6047
KDF SNMP
A6047
KDF SP800-108
A6047
KDF SRTP
A6047
KDF SSH
A6047
KDF TLS
A6047
KMAC-128
A6047
KMAC-256
A6047
KTS-IFC
A6047
ParallelHash-128
A6047
ParallelHash-256
A6047
PBKDF
A6047
RSA Decryption Primitive
A6047
RSA KeyGen (FIPS186-4)
A6047
RSA SigGen (FIPS186-4)
A6047
RSA Signature Primitive
A6047
RSA SigVer (FIPS186-2)
A6047
RSA SigVer (FIPS186-4)
A6047
Safe Primes Key Generation
A6047
Safe Primes Key Verification
A6047
SHA-1
A6047
SHA2-224
A6047
SHA2-256
A6047
SHA2-384
A6047
SHA2-512
A6047
SHA2-512/224
A6047
SHA2-512/256
A6047
SHA3-224
A6047
SHA3-256
A6047
SHA3-384
A6047
SHA3-512
A6047
SHAKE-128
A6047
SHAKE-256
A6047
TupleHash-128
A6047
TupleHash-256
A6047
Software Versions
4.0.0
Product URL
https://ice-it.app

Vendor

Quantum Knight, INC.
3175 Hanover Street
Palo Alto, CA 94304
USA

Andy Schwaderer
[email protected]
Phone: 415-314-0761
 Morgan Dioli
[email protected]
Phone: 510-318-1332

Related Files

Security Policy

Validation History

Date Type Lab
1/13/2026 Initial DEKRA Cybersecurity Certification Laboratory
3/3/2026 Update DEKRA Cybersecurity Certification Laboratory