Module Name
Dell Crypto Library for Dell iDRAC, Dell CMC and Dell OME-M
Validation Dates
03/15/2017;01/30/2018;09/10/2018;01/28/2019;02/19/2019
Caveat
When operated in FIPS mode. This validation entry is rebranding from Cert. #2496. The module generates cryptographic keys
whose strengths are modified by available entropy
Security Level Exceptions
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
Dell Cryptographic Module v2.4 is used within various Dell products including the Dell iDRAC8 and Dell CMC. The Integrated Dell Remote Access Controller 8 (Dell iDRAC8) is designed to improve the overall manageability and availability of Dell PowerEdge Servers. The Dell Chassis Management Controller (Dell CMC) is a systems management component designed to manage one or more Dell PowerEdge Systems containing Blade Servers.
Tested Configuration(s)
- Custom Linux 3.16.47 running on a PowerEdge R730 Rack Server w/ Dell iDRAC8
- Custom Linux 3.2.18 running on a PowerEdge M1000e Blade Server w/ Dell CMC
- Custom Linux 3.4.11 running on a PowerEdge R730 Rack Server w/ Dell iDRAC8
- Custom Linux 4.1.12 running on a PowerEdge R740 Rack Server w/ Dell iDRAC9
- Custom Linux 4.9.31 running on a PowerEdge M1000e Blade Server w/ Dell CMC
- Custom Linux 4.9.77-33 running on a PowerEdge MX7000 Modular Chassis w/ Dell OME-M (single-user mode)
FIPS Algorithms
| AES |
Certs. #4248, #5032, #5477, #5478 and #C194 |
| DRBG |
Certs. #1327, #1844, #2155, #2156 and #C194 |
| DSA |
Certs. #1138, #1323, #1408, #1409 and #C194 |
| HMAC |
Certs. #2786, #3346, #3632, #3633 and #C194 |
| RSA |
Certs. #2293, #2716, #2941, #2942 and #C194 |
| SHS |
Certs. #3485, #4091, #4395, #4396 and #C194 |
| Triple-DES |
Certs. #2303, #2594, #2756, #2757 and #C194 |
Other Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 270 bits of encryption strength); AES CMAC (non-compliant); AES GCM (non-compliant); AES XTS (non-compliant); ANSI X9.31 RNG (non-compliant); ECDSA (non-compliant); Hash_DRBG (non-compliant); HMAC_DRBG (non-compliant); Triple-DES CMAC (non-compliant)
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
