U.S. flag   An unofficial archive of your favorite United States government website
This is an archive
(replace .gov by .rip)

Cryptographic Module Validation Program CMVP

Certificate #3435

Details

Module Name
VMware's IKE Crypto Module
Standard
FIPS 140-2
Status
Active
Sunset Date
2/20/2025
Validation Dates
04/19/2019;02/21/2020;06/15/2020
Overall Level
1
Caveat
When operated in FIPS mode. When entropy is externally loaded, no assurance of the minimum strength of generated keys
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The VMware's IKE Crypto Module v1.1.0 is a general-purpose cryptographic module that provides FIPS-Approved cryptographic functions and services to various VMware's products and components.
Tested Configuration(s)
  • PhotonOS 2.0 on ESXi 6.7 running on a Dell PowerEdge R740 with an Intel Xeon 6126 with PAA
  • PhotonOS 2.0 on ESXi 6.7 running on a Dell PowerEdge R740 with an Intel Xeon 6126 without PAA
  • Ubuntu 16.04 on ESXi 6.7 running on a Dell PowerEdge R740 with an Intel Xeon 6126 with PAA
  • Ubuntu 16.04 on ESXi 6.7 running on a Dell PowerEdge R740 with an Intel Xeon 6126 without PAA
  • Ubuntu 16.04 on ESXi 7.0 running on a Dell PowerEdge R740 with an Intel Xeon Gold 6126 with PAA
  • Ubuntu 16.04 on ESXi 7.0 running on a Dell PowerEdge R740 with an Intel Xeon Gold 6126 without PAA
  • Ubuntu 18.04 on ESXi 7.0 running on a Dell PowerEdge R740 with an Intel Xeon Gold 6126 with PAA
  • Ubuntu 18.04 on ESXi 7.0 running on a Dell PowerEdge R740 with an Intel Xeon Gold 6126 without PAA (single-user mode)
  • VMware SD-WAN OS 3.3 on ESXi 6.7 running on a Dell PowerEdge R740 with an Intel Xeon 6126 with PAA
  • VMware SD-WAN OS 3.3 on ESXi 6.7 running on a Dell PowerEdge R740 with an Intel Xeon 6126 without PAA
  • VMware SD-WAN OS 3.3 running on a VMware SD-WAN Edge 3800 with an Intel Xeon D-2187NT with PAA
  • VMware SD-WAN OS 3.3 running on a VMware SD-WAN Edge 3800 with an Intel Xeon D-2187NT without PAA
  • VMware SD-WAN OS 3.3 running on a VMware SD-WAN Edge 610 with an Intel Atom C3308 with PAA
  • VMware SD-WAN OS 3.3 running on a VMware SD-WAN Edge 610 with an Intel Atom C3308 without PAA
  • VMware SD-WAN OS 4.0 on ESXi 7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 5218 with PAA
  • VMware SD-WAN OS 4.0 on ESXi 7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 5218 without PAA
FIPS Algorithms
AES Cert. #C460
CKG vendor affirmed
CVL Cert. #C460
DRBG Certs. #C460 and #C461
DSA Cert. #C460
ECDSA Cert. #C460
HMAC Cert. #C460
KTS AES Cert. #C460; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS vendor affirmed
PBKDF vendor affirmed
RSA Cert. #C460
SHS Cert. #C460
Triple-DES Cert. #C460
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Software Versions
1.1.0

Vendor

VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94304
USA

Manoj Maskara
mmaskara@vmware.com
Phone: 650-427-1000

Lab

LEIDOS CSTL
NVLAP Code: 200427-0