Historical SP 800-108 Key-Based Key Derivation Functions (KBKDF) Validation List

Last Update: 1/8/2016
NOTICE: The SP800-131A Revision 1 Transitions: Recommendation for Transitioning the Use of Cryptographic Algorithms and Key Lengths dated November 2015 goes into effect January 1, 2016. After 2015, the use of two-key TDEA shall not be used to derive keying material in a CMAC-based KDF. Therefore, the CMAC TDES2 option is no longer approved and has been removed from the SP800-108 Key Based KDF Validation List.

A note and link to the Historical validation list have been inserted for those implementations that previously tested for this. This note is displayed in red print. If a complete validation is no longer compliant, the complete validation entry is displayed in red to signify that it is now non-compliant, and therefore, the validation has been revoked.

Overview

These implementations are validated as conforming to the key-based key derivation functions as approved in Special Publication 800-108 Recommendation for Key Derivation Using Pseudorandom Functions (Revised) dated October 2009. The validation tests for the testing of SP800-108 are described in The SP800-108 Key Derivation Function Validation System (KBKDFVS).

NIST has made every attempt to provide complete and accurate information about the implementations described in the following list. It is the responsibility of the vendor to notify NIST of any necessary changes to its contact information and implementation description.

In addition to a general description of each product, this list mentions the features that were tested as conforming to the KBKDF; these features are listed on the validation that is issued to the vendor. The following notation is used to describe the implemented features that were successfully tested.

Legend for Description Field
Mode: [Counter Mode] [Feedback Mode] [Double-Pipeline Iteration Mode] Families of KDF
MACSupported([CMACTDES2]) Pseudorandom Function (PRF) used to compute the keying material
Llength(Values tested) Length of the derived keying material
ZeroLenIVSupported([True] [False]) Required ONLY for Feedback Mode
CounterUsedInData([True] [False]) Required in Feedback and Double-Pipeline Iteration Modes
rlength([8][16][24][32]) Length of the binary representation of the counter i.
LocationCounter
For CounterMode:([BeforeFixedData]
[AfterFixedData])
For Feedback and Double-Pipeline Iteration Modes:([BeforeIterationData]
[AfterIterationData] [AfterFixedData])		 Location of counter in the data to be MACed.
Required for Counter Mode.
If CounterUsedInData = True for Feedback and/or Double-Pipeline Iteration Modes, this is required.

KBKDF Validated Implementations

Validation
No.		 Vendor Implementation
Operational
Environment
 Val.
Date		 Modes/States/Key sizes/
Description/Notes
15 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613.221.5081
FAX: 613.723.5079

-Laurie Smith
TEL: 613.221.5026
FAX: 613.723.5079
Luna G5 Cryptographic Library

Version 6.10.4 (Firmware)
AMCC 440EPx PowerPC (PPC440EPx) Embedded Processor 11/8/2013 CTR_Mode: ( Llength( Min1 Max256 ) MACSupported( [CMACTDES2] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
DRBG Val#428

"The G5 Cryptographic Library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware or associated co-processor."

12/01/14: Updated implementation information;

14 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613.221.5081
FAX: 613.723.5079

-Laurie Smith
TEL: 613.221.5026
FAX: 613.723.5079
Luna K6 Cryptographic Library

Version 6.10.4 (Firmware)
AMCC 440EPx Power PC (PPC440EPx) Embedded Processor 11/8/2013 CTR_Mode: ( Llength( Min1 Max256 ) MACSupported( [CMACTDES2] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
AES Val#2667 DRBG Val#428

"The K6 Cryptographic Library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware or associated co-processor."

12/01/14: Updated implementation information;

6 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613.221.5081
FAX: 613.723.5079

-Laurie Smith
TEL: 613.221.5026
FAX: 613.723.5079
Luna IS Cryptographic Library

Version 6.3.1 (Firmware)
AMCC 440EPx Power PC (PPC440EPx) Embedded Processor 11/21/2012 CTR_Mode: ( Llength( Min16 Max256 ) MACSupported( [CMACTDES2] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
AES Val#2282 DRBG Val#277

"The Luna IS cryptographic library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware or associated co-processor."

5 SafeNet, Inc.
4690 Millennium Drive
Belcamp, MD 21017
USA

-Chris Brych
TEL: 613-221-5081
FAX: 613-723-5079

-Laurie Smith
TEL: 613-221-5026
FAX: 613-723-5079
Luna G5 Cryptographic Library

Version 6.2.3 (Firmware)
AMCC PowerPC 440EPx 10/23/2012 CTR_Mode: ( Llength( Min16 Max256 ) MACSupported( [CMACTDES2] ) LocationCounter( [BeforeFixedData] ) rlength( [32] ) )
AES Val#2263 TDES Val#1415 DRBG Val#277

"The G5 Cryptographic Library provides a broad suite of high-performance cryptographic operations. All cryptographic algorithms are implemented within the module''s firmware or associated co-processor."

10/31/12: Updated implementation information;

Need Assistance?

Computer Security Division
National Institute of Standards and Technology