U.S. flag   An unofficial archive of your favorite United States government website

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #3435

Details

Module Name
VMware's IKE Crypto Module
Standard
FIPS 140-2
Status
Active
Sunset Date
2/20/2025
Validation Dates
04/19/2019;02/21/2020;06/15/2020
Overall Level
1
Caveat
When operated in FIPS mode. When entropy is externally loaded, no assurance of the minimum strength of generated keys
Security Level Exceptions
  • Physical Security: N/A
  • Mitigation of Other Attacks: N/A
Module Type
Software
Embodiment
Multi-Chip Stand Alone
Description
The VMware's IKE Crypto Module v1.1.0 is a general-purpose cryptographic module that provides FIPS-Approved cryptographic functions and services to various VMware's products and components.
Tested Configuration(s)
  • PhotonOS 2.0 on ESXi 6.7 running on a Dell PowerEdge R740 with an Intel Xeon 6126 with PAA
  • PhotonOS 2.0 on ESXi 6.7 running on a Dell PowerEdge R740 with an Intel Xeon 6126 without PAA
  • Ubuntu 16.04 on ESXi 6.7 running on a Dell PowerEdge R740 with an Intel Xeon 6126 with PAA
  • Ubuntu 16.04 on ESXi 6.7 running on a Dell PowerEdge R740 with an Intel Xeon 6126 without PAA
  • Ubuntu 16.04 on ESXi 7.0 running on a Dell PowerEdge R740 with an Intel Xeon Gold 6126 with PAA
  • Ubuntu 16.04 on ESXi 7.0 running on a Dell PowerEdge R740 with an Intel Xeon Gold 6126 without PAA
  • Ubuntu 18.04 on ESXi 7.0 running on a Dell PowerEdge R740 with an Intel Xeon Gold 6126 with PAA
  • Ubuntu 18.04 on ESXi 7.0 running on a Dell PowerEdge R740 with an Intel Xeon Gold 6126 without PAA (single-user mode)
  • VMware SD-WAN OS 3.3 on ESXi 6.7 running on a Dell PowerEdge R740 with an Intel Xeon 6126 with PAA
  • VMware SD-WAN OS 3.3 on ESXi 6.7 running on a Dell PowerEdge R740 with an Intel Xeon 6126 without PAA
  • VMware SD-WAN OS 3.3 running on a VMware SD-WAN Edge 3800 with an Intel Xeon D-2187NT with PAA
  • VMware SD-WAN OS 3.3 running on a VMware SD-WAN Edge 3800 with an Intel Xeon D-2187NT without PAA
  • VMware SD-WAN OS 3.3 running on a VMware SD-WAN Edge 610 with an Intel Atom C3308 with PAA
  • VMware SD-WAN OS 3.3 running on a VMware SD-WAN Edge 610 with an Intel Atom C3308 without PAA
  • VMware SD-WAN OS 4.0 on ESXi 7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 5218 with PAA
  • VMware SD-WAN OS 4.0 on ESXi 7.0 running on a Dell PowerEdge R640 with an Intel Xeon Gold 5218 without PAA
FIPS Algorithms
AES Cert. #C460
CKG vendor affirmed
CVL Cert. #C460
DRBG Certs. #C460 and #C461
DSA Cert. #C460
ECDSA Cert. #C460
HMAC Cert. #C460
KTS AES Cert. #C460; key establishment methodology provides between 128 and 256 bits of encryption strength
KTS vendor affirmed
PBKDF vendor affirmed
RSA Cert. #C460
SHS Cert. #C460
Triple-DES Cert. #C460
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 128 bits of encryption strength)
Software Versions
1.1.0

Vendor

VMware, Inc.
3401 Hillview Ave
Palo Alto, CA 94304
USA

Manoj Maskara
mmaskara@vmware.com
Phone: 650-427-1000

Related Files

Security Policy
Consolidated Certificate

Lab

LEIDOS CSTL
NVLAP Code: 200427-0