Tanium FIPS OpenSSL 3.0 Module

Certificate #4926

Webpage information

Status active
Validation dates 18.12.2024
Sunset date 10-07-2029
Standard FIPS 140-3
Security level 1
Type Software
Embodiment Multi-Chip Stand Alone
Caveat No assurance of the minimum strength of generated SSPs (e.g., keys).
Exceptions
  • Physical security: N/A
  • Non-invasive security: N/A
  • Life-cycle assurance: Level 3
Description The Tanium FIPS OpenSSL 3.0 Module is a general purpose cryptographic module incorporated into the Tanium Endpoint Platform to provide FIPS 140-3 validated cryptography for the protection of sensitive information.
Vendor [email protected]
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES, CAST, HMAC, KMAC, CMAC
Asymmetric Algorithms
ECDSA, EdDSA, ECC, DHE, DSA
Hash functions
SHA2, SHA3, SHAKE128, SHAKE256, PBKDF
Schemes
MAC, Key agreement, Key Agreement, AEAD
Protocols
SSH, SSHv2, TLS v1.2, TLS v1.3, TLS 1.3, TLS, TLS 1.2
Randomness
DRBG, RBG
Libraries
OpenSSL
Block cipher modes
CTR, GCM, CCM

JavaCard API constants
ED25519, ED448
Trusted Execution Environments
PSP, SSC

Security level
Level 1
Side-channel analysis
timing attacks

Standards
FIPS 202, PKCS 1, RFC7627, RFC 5288, RFC 5647, RFC 8446, RFC8446, ISO/IEC 19790:2012

File metadata

Title Microsoft Word - Tanium FIPS 140-3 Security Policy_Output_TRD1_2024-10-21.docx
Author Rachel Shelby
Creation date D:20241021163251-07'00'
Modification date D:20241021163251-07'00'
Pages 40
Creator PScript5.dll Version 5.2.2
Producer Acrobat Distiller 24.0 (Windows)

References

Outgoing
  • 210 - historical - VPN 3000 Concentrator Series

Heuristics

No heuristics are available for this certificate.

References

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4926,
  "dgst": "3eb5e2c42f63d88b",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": []
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "3.0"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "210"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "147",
          "100",
          "210"
        ]
      }
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": [
        "210"
      ]
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 8
          },
          "ECDSA": {
            "ECDSA": 23
          },
          "EdDSA": {
            "EdDSA": 4
          }
        },
        "FF": {
          "DH": {
            "DHE": 1
          },
          "DSA": {
            "DSA": 23
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CCM": {
          "CCM": 1
        },
        "CTR": {
          "CTR": 3
        },
        "GCM": {
          "GCM": 3
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 51
        }
      },
      "crypto_protocol": {
        "SSH": {
          "SSH": 4,
          "SSHv2": 2
        },
        "TLS": {
          "TLS": {
            "TLS": 3,
            "TLS 1.2": 1,
            "TLS 1.3": 1,
            "TLS v1.2": 4,
            "TLS v1.3": 5
          }
        }
      },
      "crypto_scheme": {
        "AEAD": {
          "AEAD": 1
        },
        "KA": {
          "Key Agreement": 1,
          "Key agreement": 17
        },
        "MAC": {
          "MAC": 16
        }
      },
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#210": 1
        }
      },
      "fips_certlike": {
        "Certlike": {
          "PKCS 1": 4,
          "SHA2": 1,
          "SHA3": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 3
        }
      },
      "hash_function": {
        "PBKDF": {
          "PBKDF": 10
        },
        "SHA": {
          "SHA2": {
            "SHA2": 1
          },
          "SHA3": {
            "SHA3": 1
          }
        },
        "SHAKE": {
          "SHAKE128": 1,
          "SHAKE256": 1
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {
        "curves": {
          "ED25519": 4,
          "ED448": 4
        }
      },
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 37
        },
        "RNG": {
          "RBG": 3
        }
      },
      "side_channel_analysis": {
        "SCA": {
          "timing attacks": 2
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 202": 6
        },
        "ISO": {
          "ISO/IEC 19790:2012": 3
        },
        "PKCS": {
          "PKCS 1": 2
        },
        "RFC": {
          "RFC 5288": 1,
          "RFC 5647": 1,
          "RFC 8446": 1,
          "RFC7627": 4,
          "RFC8446": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 10
          },
          "CAST": {
            "CAST": 73
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 6,
            "HMAC": 19,
            "KMAC": 7
          }
        }
      },
      "tee_name": {
        "AMD": {
          "PSP": 12
        },
        "IBM": {
          "SSC": 1
        }
      },
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Rachel Shelby",
      "/CreationDate": "D:20241021163251-07\u002700\u0027",
      "/Creator": "PScript5.dll Version 5.2.2",
      "/ModDate": "D:20241021163251-07\u002700\u0027",
      "/Producer": "Acrobat Distiller 24.0 (Windows)",
      "/Title": "Microsoft Word - Tanium FIPS 140-3 Security Policy_Output_TRD1_2024-10-21.docx",
      "pdf_file_size_bytes": 648984,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 40
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "8f563bce2a7e7046499f854bb778f83b426287fef55accca935b682280d57733",
    "policy_txt_hash": "7deb7f193fff8b6586c3b3c8d2fa1db77fb44763d4d2c53b7c5a2a34e01cf256"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "No assurance of the minimum strength of generated SSPs (e.g., keys).",
    "certificate_pdf_url": null,
    "date_sunset": "2029-07-10",
    "description": "The Tanium FIPS OpenSSL 3.0 Module is a general purpose cryptographic module incorporated into the Tanium Endpoint Platform to provide FIPS 140-3 validated cryptography for the protection of sensitive information.",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Physical security: N/A",
      "Non-invasive security: N/A",
      "Life-cycle assurance: Level 3"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {},
    "module_name": "Tanium FIPS OpenSSL 3.0 Module",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-3",
    "status": "active",
    "sw_versions": null,
    "tested_conf": null,
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-12-18",
        "lab": "DEKRA Cybersecurity Certification Laboratory",
        "validation_type": "Initial"
      }
    ],
    "vendor": "[email\u00a0protected]",
    "vendor_url": "/cdn-cgi/l/email-protection"
  }
}