Module Name
AWS Nitro Card Security Engine
Validation Dates
10/29/2020
Caveat
When operated in FIPS mode
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Module Type
Firmware-Hybrid
Embodiment
Multi-Chip Stand Alone
Description
The AWS Nitro Card Security Engine is a multi-chip standalone firmware-hybrid module. The Approved cryptographic services provided by the module are:
- Data encryption / decryption utilizing symmetric ciphers, i.e. AES algorithms.
- Computation of hash values, i.e. SHA-256, SHA-512.
- Message authentication utilizing HMAC-SHA256, HMAC-SHA512, hashing algorithms.
Tested Configuration(s)
- Carbon Linux (Linux kernel 4.9.32) running on Cortex ARMv8 with AL5+
Firmware Versions
HAL-rel-3.2-uemu-fips