Module Name
REDCOM OpenSSL Cryptographic Module
Validation Dates
12/14/2020
Caveat
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Roles, Services, and Authentication: Level 2
- Physical Security: N/A
- Design Assurance: Level 3
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
REDCOM OpenSSL Cryptographic Module is used with various REDCOM products. The module offloads functions for key management, data integrity, data at rest encryption, and communications to a trusted implementation. The module is a multi-chip standalone embodiment installed on a General-Purpose Device and relies on physical characteristics of the host. The physical cryptographic boundary is defined by the enclosure of the host platform. Operations occur via calls from host applications and their internal daemons/processes. As such there are no untrusted services calling the services of the module
Tested Configuration(s)
- Oracle® Linux 7.6 64 bit running on Oracle® X7-2 Server with Intel® Xeon® Silver 4114 with PAA
- Oracle® Linux 7.6 64 bit running on Oracle® X7-2 Server with Intel® Xeon® Silver 4114 without PAA
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #C1651, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength)
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
