Module Name
Nitrox XL NFB FIPS Cryptographic Modules
Historical Reason
RNG SP800-131A Revision 1 Transition
Caveat
When operated in FIPS mode
Security Level Exceptions
- Physical Security: Level 3
- EMI/EMC: Level 3
Embodiment
Multi-chip embedded
Description
The Cavium Nitrox NFB Cryptographic Modules are a cryptographic component of the Nitrox PCI acceleration board that provides cryptographic key protection and acceleration for both asymmetric and symmetric encryption operations. It is contained in its own secure enclosure that provides physical resistance to tampering and zeroization of plaintext cryptographic material in the event the enclosure is opened.
Approved Algorithms
AES |
Certs. #551 and #189 |
DSA |
Cert. #224 |
ECDSA |
Cert. #58 |
HMAC |
Cert. #292 |
RNG |
Cert. #319 |
RSA |
Cert. #247 |
SHS |
Cert. #616 |
Triple-DES |
Certs. #547 and #286 |
Triple-DES MAC |
Triple-DES Certs. #547 and #286, vendor affirmed |
Other Algorithms
AES-MAC (Certs. #551 and #189; non-compliant); DES; RC2; RC4; RC5; CAST; CAST3; CAST5; SEED; MD2; MD5; HAS-160; DES-MAC; RC2-MAC; RC5-MAC; CAST-MAC; CAST3-MAC; CAST5-MAC; SSL3-MD5-MAC; SSL3-SHA1-MAC; HMAC-MD5; KCDSA; PBE-MD2-DES; PBE-MD5-DES; PBE-MD5-CAST; PBE-MD5-CAST3; PBE-SHA-1-CAST5; GENERIC-SECRET; SSL PRE-MASTER; SEED; RC2-MAC; RC5-MAC; Diffie-Hellman (key agreement; key establishment methodology provides 80-bits of encryption strength; non-compliant); RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie Hellman (key agreement; key establishment methodology provides 80-bits of encryption strength; non-compliant)
Hardware Versions
CN1120-VBD-03-0200, CN1010-VBD-03-0200, and CN1005-VBD-03-0200