Module Name
Entrust Authority™ Security Kernel
Historical Reason
Moved to historical list due to dependency on certificate #2937
Caveat
When operated in FIPS mode with module [Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Windows Server 2016 Standard] validated to FIPS 140-2 under Cert. #2936 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
Security Level Exceptions
- Physical Security: N/A
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The Security Kernel is a C++ implementation of cryptographic functions accessible by an object-oriented API. Depending on configuration, the algorithms may be implemented in software, hardware, or both.
Tested Configuration(s)
- Microsoft Windows Server 2016 Standard Edition running on a HP Compaq Pro 6305 with an AMD A4 (single-user mode)
FIPS Algorithms
| AES |
Cert. #C614 |
| CKG |
vendor affirmed |
| CVL |
Certs. #C605 and #C607 |
| DRBG |
Cert. #C601 |
| DSA |
Cert. #C602 |
| ECDSA |
Cert. #C603 |
| HMAC |
Cert. #C604 |
| KAS |
SP 800-56Arev3, vendor affirmed; key establishment methodology provides between 112 and 256 bits of encryption strength |
| KTS |
AES Cert. #C614; key establishment methodology provides between 128 and 256 bits of encryption strength |
| RSA |
Cert. #C605 |
| SHS |
Cert. #C600 |
| Triple-DES |
Cert. #C606 |
Allowed Algorithms
EC Diffie-Hellman (CVL Cert. #C607, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG; RSA (CVL Cert. #C605, key wrapping; key establishment methodology provides between 112 and 202 bits of encryption strength)
Software Versions
1.0 and 1.1
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
