Module Name
Cryptographic Module for Intel® Platforms' Security Engine Chipset
Validation Dates
03/04/2021
Caveat
When operated in FIPS mode and installed, initialized and configured as specified in Sections 2.3 and 9.1 of the Security Policy. When entropy is externally loaded, no assurance of the minimum strength of generated keys.
Module Type
Firmware-Hybrid
Embodiment
Multi-Chip Stand Alone
Description
The Cryptographic Module for Intel® CSME is a hardware-firmware hybrid module present on Intel® PCH platforms. The module performs crypto functions for CSME applications, including but are not limited to:
PTT (Platform Trust Technology), AMT (Active Management Technology), and DAL (Dynamic Application Loader).
Tested Configuration(s)
- Intel Ice Point PCH chipset with CSME device firmware version 13.0.0.1084
FIPS Algorithms
AES |
Cert. #C849 |
CKG |
vendor affirmed |
CVL |
Cert. #C849 |
DRBG |
Cert. #C849 |
ECDSA |
Cert. #C849 |
HMAC |
Cert. #C849 |
KAS |
Cert. #C849 |
KBKDF |
Cert. #C849 |
KTS |
AES Cert. #C849 |
KTS |
AES Cert. #C849; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #C849 and AES Cert. #C849; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #C849 and ECDSA Cert. #C849; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #C849 and HMAC Cert. #C849; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
AES Cert. #C849 and RSA Cert. #C849; key establishment methodology provides 128 or 256 bits of encryption strength |
KTS |
vendor affirmed |
RSA |
Cert. #C849 |
SHS |
Cert. #C849 |