Module Name
TrustedKeep Encryption Module
Validation Dates
12/10/2020
Caveat
When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy.
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
TrustedKeep is a secure object storage and sharing platform designed from the ground up for object-level encryption. Each object stored is assigned one or more unique encryption keys that never leave the TrustedKeep boundary, preventing engineering mistakes resulting in leaks of key material or sensitive data.
Tested Configuration(s)
- CentOS 7.7 running on HP ProLiant DL 360 Gen 10 server with Intel Xeon Silver 4110 CPU with PAA
- CentOS 7.7 running on HP ProLiant DL 360 Gen 10 server with Intel Xeon Silver 4110 CPU without PAA (single-user mode)
FIPS Algorithms
| Algorithm | Validation |
|---|---|
| AES | Cert. #C1743 |
| CKG | vendor affirmed |
| CVL | Cert. #C1743 |
| DRBG | Cert. #C1743 |
| ECDSA | Cert. #C1743 |
| HMAC | Cert. #C1743 |
| KAS-SSC | vendor affirmed |
| KTS | AES Cert. #C1743; key establishment methodology provides between 128 and 256 bits of encryption strength |
| RSA | Cert. #C1743 |
| SHS | Cert. #C1743 |
| Triple-DES | Cert. #C1743 |
Allowed Algorithms
MD5; NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)