Module Name
Entrust Security Kernel
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode
Embodiment
Multi-chip standalone
Description
The Kernel is a C++ class library of cryptographic functions bound together by a common object-oriented Application Programming Interface (API). Depending on the configuration and the runtime environment of the Kernel, the algorithms may be implemented in software, hardware, or a combination of both. The industry standard Cryptoki API, as described in PCKS #11, is used as the internal interface to hardware-based cryptographic tokens.
Tested Configuration(s)
- Windows Server 2003 (single-user mode)
Approved Algorithms
AES |
Cert. #484 |
DSA |
Cert. #196 |
ECDSA |
Cert. #45 |
HMAC |
Cert. #238 |
RNG |
Cert. #261 |
RSA |
Cert. #198 |
SHS |
Cert. #551 |
Triple-DES |
Cert. #495 |
Other Algorithms
DES; DES MAC; CAST; CAST3; CAST5; RC2; RC4; IDEA; MD2; MD5; RIPEMD-160; Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 201 bits of encryption strength; non-compliant less than 112 bits of encryption strength); PAKE; AES MAC (non-compliant); NIST 800-90 DRBG RNG (non-compliant)