U.S. flag   An unofficial archive of your favorite United States government website

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #3326

Details

Module Name
Self-Defending Key Management Service™
Standard
FIPS 140-2
Status
Active
Sunset Date
11/12/2023
Validation Dates
11/13/2018
Overall Level
1
Caveat
The module generates cryptographic keys whose strengths are modified by available entropy. When operated in FIPS mode
Security Level Exceptions
  • Roles, Services, and Authentication: Level 3
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
Fortanix Self-Defending Key Management Service™ (SDKMS) is the world’s first cloud service secured with Intel® SGX and built using Fortanix’s patented Runtime Encryption Technology. With SDKMS, you can securely generate, store, and use cryptographic keys and certificates, as well as secrets, or any blob of data. You can integrate with SDKMS using legacy cryptographic interfaces or using its native RESTful interface. SDKMS ensures that you remain in complete control over your keys and secrets. It provides access control to users and applications to enforce authorized access to keys.
Tested Configuration(s)
  • Ubuntu 16.04 running on a General purpose x86 based server (SuperMicro SYS-5019S-MR) with Intel® Xeon® CPU E3-1230 V5 @3.40GHz with PAA
  • Ubuntu 16.04 running on a General purpose x86 based server (SuperMicro SYS-5019S-MR) with Intel® Xeon® CPU E3-1230 V5 @3.40GHz without PAA (single-user mode)
FIPS Algorithms
AES Certs. #5328, #5329, #5379 and #5380
CKG vendor affirmed
CVL Certs. #1818 and #1822
DRBG Certs. #2072 and #2073
ECDSA Certs. #1418 and #1419
HMAC Certs. #3526 and #3527
KDF Certs. #191 and #195
KTS AES Cert. #5328 and HMAC Cert. #3526; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Cert. #5329 and HMAC Cert. #3527; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Cert. #5379; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS AES Cert. #5380; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Certs. #2876 and #2877
SHS Certs. #4280 and #4281
Allowed Algorithms
HMAC-MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Software Versions
2.0.596 and 2.0.NOAESNI-182
Product URL
https://www.fortanix.com/products/sdkms/

Vendor

Fortanix, Inc.
444 Castro St #702
Mountain View, CA 94041
USA

Ambuj Kumar
info@fortanix.com
Phone: 628-400-2043

Related Files

Security Policy
Consolidated Certificate

Lab

ÆGISOLVE
NVLAP Code: 200802-0