Samsung Kernel Cryptographic Module

Certificate #4764

Webpage information

Status active
Validation dates 16.08.2024 , 09.07.2025 , 08.09.2025
Sunset date 15-08-2029
Standard FIPS 140-3
Security level 1
Type Software
Embodiment Multi-Chip Stand Alone
Caveat Interim Validation. When operated in approved mode
Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
  • Mitigation of other attacks: N/A
Description Provides general purpose cryptographic services to services in the Linux kernel and user-space applications, intended to protect data in transit and at rest.
Tested configurations
  • Kernel 5.15 running on Samsung Galaxy S23 with Qualcomm Snapdragon 8 Gen 2 with PAA, Kernel 5.15 running on Samsung Galaxy S23 with Qualcomm Snapdragon 8 Gen 2 without PAA, Linux Kernel 5.15 running on Samsung Tab Active5 with Samsung Electronics Exynos 1380 with PAA, Linux Kernel 5.15 running on Samsung Tab Active5 with Samsung Electronics Exynos 1380 without PAA, Linux Kernel 5.15 running on Samsung Galaxy Tab S9 FE with Samsung Electronics Exynos 1380 with PAA, Linux Kernel 5.15 running on Samsung Galaxy Tab S9 FE with Samsung Electronics Exynos 1380 without PAA
Vendor Samsung Electronics Co., Ltd.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES, CAST, HMAC, HMAC-SHA-256, CMAC
Hash functions
SHA-1
Schemes
MAC
Randomness
DRBG, RNG
Block cipher modes
CBC

Trusted Execution Environments
PSP
Vendor
Samsung, Qualcomm

Security level
Level 1, level 1

Standards
FIPS 140-3, FIPS 197, FIPS 198-1, FIPS 180-4, FIPS180-4, FIPS197, FIPS198-1, ISO/IEC 24759

File metadata

Title FIPS 140-3 Non-Proprietary Security Policy
Subject Samsung Kernel Cryptographic Module
Author Hedy
Creation date D:20250721130346-04'00'
Modification date D:20250721130346-04'00'
Pages 16
Creator Microsoft® Word 2016
Producer Microsoft® Word 2016

Heuristics

No heuristics are available for this certificate.

References

No references are available for this certificate.

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4764,
  "dgst": "3be13cd9cb0cb67e",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "SHA2-512A3242",
        "AES-CBCA3242",
        "HMAC-SHA2-384A3242",
        "SHA2-256A3242",
        "SHA2-384A3242",
        "HMAC-SHA-1A3242",
        "HMAC-SHA2-224A3242",
        "SHA-1A3242",
        "HMAC-SHA2-256A3242",
        "AES-ECBA3242",
        "SHA2-224A3242",
        "HMAC-SHA2-512A3242"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {},
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 2
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {
        "MAC": {
          "MAC": 6
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES-CBC 128 and 256": 2,
          "AES-CBC 128, 192": 1,
          "HMAC-SHA-1": 8,
          "HMAC-SHA-256": 2,
          "PAA 2": 1,
          "PAA 3": 1,
          "PAA 4": 1,
          "PAA 5": 1,
          "PAA 6": 1,
          "SHA-1": 4,
          "SHA2-224": 3,
          "SHA2-256": 4,
          "SHA2-384": 7,
          "SHA2-512": 5
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 3,
          "level 1": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 4
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 1
        },
        "RNG": {
          "RNG": 1
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-3": 29,
          "FIPS 180-4": 5,
          "FIPS 197": 2,
          "FIPS 198-1": 5,
          "FIPS180-4": 1,
          "FIPS197": 1,
          "FIPS198-1": 1
        },
        "ISO": {
          "ISO/IEC 24759": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 8
          },
          "CAST": {
            "CAST": 3
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 2,
            "HMAC": 13,
            "HMAC-SHA-256": 1
          }
        }
      },
      "tee_name": {
        "AMD": {
          "PSP": 1
        }
      },
      "tls_cipher_suite": {},
      "vendor": {
        "Qualcomm": {
          "Qualcomm": 2
        },
        "Samsung": {
          "Samsung": 40
        }
      },
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Hedy",
      "/CreationDate": "D:20250721130346-04\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word 2016",
      "/ModDate": "D:20250721130346-04\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word 2016",
      "/Subject": "Samsung Kernel Cryptographic Module",
      "/Title": "FIPS 140-3 Non-Proprietary Security Policy",
      "pdf_file_size_bytes": 492378,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.198-1.pdf",
          "https://csrc.nist.gov/publications/detail/sp/800-38a/final",
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.197.pdf",
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 16
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "a0d61d7ffe9cf4b064e631c70ad622a719c832e1e9157d253517f11f8ee000e7",
    "policy_txt_hash": "ae4f93e8fb268c7f6e92164bd95f71768ebdf116f95be830844a75041a0273a1"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "Interim Validation. When operated in approved mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2024_010924_0336.pdf",
    "date_sunset": "2029-08-15",
    "description": "Provides general purpose cryptographic services to services in the Linux kernel and user-space applications, intended to protect data in transit and at rest.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Physical security: N/A",
      "Non-invasive security: N/A",
      "Mitigation of other attacks: N/A"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Samsung Kernel Cryptographic Module",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-3",
    "status": "active",
    "sw_versions": "2.3",
    "tested_conf": [
      "Kernel 5.15 running on Samsung Galaxy S23 with Qualcomm Snapdragon 8 Gen 2 with PAA, Kernel 5.15 running on Samsung Galaxy S23 with Qualcomm Snapdragon 8 Gen 2 without PAA, Linux Kernel 5.15 running on Samsung Tab Active5 with Samsung Electronics Exynos 1380 with PAA, Linux Kernel 5.15 running on Samsung Tab Active5 with Samsung Electronics Exynos 1380 without PAA, Linux Kernel 5.15 running on Samsung Galaxy Tab S9 FE with Samsung Electronics Exynos 1380 with PAA, Linux Kernel 5.15 running on Samsung Galaxy Tab S9 FE with Samsung Electronics Exynos 1380 without PAA"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-08-16",
        "lab": "Gossamer Security Solutions",
        "validation_type": "Initial"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2025-07-09",
        "lab": "Gossamer Security Solutions",
        "validation_type": "Update"
      },
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2025-09-08",
        "lab": "Gossamer Security Solutions",
        "validation_type": "Update"
      }
    ],
    "vendor": "Samsung Electronics Co., Ltd.",
    "vendor_url": "http://www.samsung.com"
  }
}