VaultIP

Certificate #3945

Webpage information

Status historical
Historical reason SP 800-56Arev3 transition - replaced by certificate #4459
Validation dates 07.06.2021
Standard FIPS 140-2
Security level 2
Type Hardware
Embodiment Single Chip
Caveat When operated in FIPS mode
Exceptions
  • Physical Security: Level 3
  • Mitigation of Other Attacks: N/A
Description VaultIP is a Silicon IP Security Module with a secure asset store protecting all valuable assets on your device. It is a stand-alone Root of Trust that offers key management and crypto functions needed for platform and application security. VaultIP offers all security services to manage your device securely through its lifecycle. These include Secure Debug, Secure Provisioning, HUK and Identity protection and secure authentication services. Secure Boot and Communication protocols such as TLS can leverage VaultIP to secure the boot process and protect private communication keys.
Version (Hardware) 3.0.3
Version (Firmware) 3.0.6
Tested configurations
  • Xilinx Zynq XC7Z045 FPGA
Vendor Rambus Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.
Certificate
Webpage

Security policy

Security target PDF TXT

Symmetric Algorithms
AES, AES-256, DES, Triple-DES, TDEA, HMAC, HMAC-SHA-256, HMAC-SHA-512, HMAC-SHA-224, HMAC-SHA-384, CMAC
Asymmetric Algorithms
RSA-PSS, ECDH, ECDSA, Diffie-Hellman, DSA
Hash functions
SHA-1, SHA-224, SHA-256, SHA-384, SHA-512, SHA256, SHA-2
Schemes
MAC, Key Agreement, Key agreement
Protocols
SSH
Randomness
TRNG, DRBG, RNG
Elliptic Curves
P-224, P-256, P-384, P-521, P-192, curve P-256, NIST P-256, NIST P-224, Curve25519, Ed25519
Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XTS

Trusted Execution Environments
TEE

Security level
Level 2, level 2, Level 1, Level 3

Standards
FIPS 140-2, FIPS PUB 140-2, FIPS197, FIPS186-4, FIPS198-1, FIPS46-3, FIPS 186-2, FIPS180-4, FIPS140-2, NIST SP 800-38F, SP 800-90A, SP 800-56C, PKCS#1, RFC3394, RFC5649

File metadata

Title FIPS 140-2 Non-Proprietary Security Policy
Author Alejandro Fabio Masino
Creation date D:20210521200804-03'00'
Modification date D:20210521200804-03'00'
Pages 54
Creator Microsoft® Office Word 2007
Producer Microsoft® Office Word 2007

Heuristics

No heuristics are available for this certificate.

References

No references are available for this certificate.

Updates

  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate data changed.
  • The certificate was first processed.

Raw data 

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 3945,
  "dgst": "5366ec7df49331f4",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "SHS#C1224",
        "CVL#C1224",
        "KBKDF#C1224",
        "HMAC#C1224",
        "ECDSA#C1224",
        "AES#C1224",
        "DRBG#C1224",
        "AES#C1242",
        "RSA#C1224",
        "KTS#C1224"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "3.0.3",
        "3.0.6"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECDH": {
            "ECDH": 24
          },
          "ECDSA": {
            "ECDSA": 32
          }
        },
        "FF": {
          "DH": {
            "Diffie-Hellman": 6
          },
          "DSA": {
            "DSA": 2
          }
        },
        "RSA": {
          "RSA-PSS": 5
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 10
        },
        "CCM": {
          "CCM": 5
        },
        "CFB": {
          "CFB": 1
        },
        "CTR": {
          "CTR": 6
        },
        "ECB": {
          "ECB": 9
        },
        "GCM": {
          "GCM": 9
        },
        "OFB": {
          "OFB": 1
        },
        "XTS": {
          "XTS": 6
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {
        "SSH": {
          "SSH": 1
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 6,
          "Key agreement": 1
        },
        "MAC": {
          "MAC": 15
        }
      },
      "device_model": {},
      "ecc_curve": {
        "Curve": {
          "Curve25519": 1
        },
        "Edwards": {
          "Ed25519": 1
        },
        "NIST": {
          "NIST P-224": 5,
          "NIST P-256": 1,
          "P-192": 8,
          "P-224": 29,
          "P-256": 34,
          "P-384": 24,
          "P-521": 24,
          "curve P-256": 1
        }
      },
      "eval_facility": {
        "atsec": {
          "atsec": 57
        }
      },
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES key 256": 1,
          "AES-256": 2,
          "HMAC-SHA-1": 4,
          "HMAC-SHA-224": 2,
          "HMAC-SHA-256": 20,
          "HMAC-SHA-384": 2,
          "HMAC-SHA-512": 6,
          "PKCS#1": 16,
          "SHA-1": 8,
          "SHA-1 5": 1,
          "SHA-2": 2,
          "SHA-224": 9,
          "SHA-256": 14,
          "SHA-384": 9,
          "SHA-512": 10,
          "SHA256": 1
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "Level 2": 1,
          "Level 3": 1,
          "level 2": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA1": {
            "SHA-1": 9
          },
          "SHA2": {
            "SHA-2": 2,
            "SHA-224": 9,
            "SHA-256": 14,
            "SHA-384": 9,
            "SHA-512": 10,
            "SHA256": 1
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 24
        },
        "RNG": {
          "RNG": 1
        },
        "TRNG": {
          "TRNG": 42
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 69,
          "FIPS 186-2": 1,
          "FIPS PUB 140-2": 2,
          "FIPS140-2": 1,
          "FIPS180-4": 4,
          "FIPS186-4": 10,
          "FIPS197": 2,
          "FIPS198-1": 6,
          "FIPS46-3": 1
        },
        "NIST": {
          "NIST SP 800-38F": 1,
          "SP 800-56C": 1,
          "SP 800-90A": 1
        },
        "PKCS": {
          "PKCS#1": 8
        },
        "RFC": {
          "RFC3394": 2,
          "RFC5649": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 49,
            "AES-256": 2
          }
        },
        "DES": {
          "3DES": {
            "TDEA": 1,
            "Triple-DES": 3
          },
          "DES": {
            "DES": 3
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 4,
            "HMAC": 13,
            "HMAC-SHA-224": 1,
            "HMAC-SHA-256": 10,
            "HMAC-SHA-384": 1,
            "HMAC-SHA-512": 3
          }
        }
      },
      "tee_name": {
        "other": {
          "TEE": 2
        }
      },
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Alejandro Fabio Masino",
      "/CreationDate": "D:20210521200804-03\u002700\u0027",
      "/Creator": "Microsoft\u00ae Office Word 2007",
      "/ModDate": "D:20210521200804-03\u002700\u0027",
      "/Producer": "Microsoft\u00ae Office Word 2007",
      "/Title": "FIPS 140-2 Non-Proprietary Security Policy",
      "pdf_file_size_bytes": 1188539,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "https://csrc.nist.gov/publications/nistpubs/800%1e38a/sp800%1e38a.pdf",
          "https://www.ietf.org/rfc/rfc5649.txt",
          "https://csrc.nist.gov/publications/fips/fips197/fips%1e197.pdf",
          "https://csrc.nist.gov/publications/nistpubs/800%1e38C/SP800%1e38C_updated%1eJuly20_2007.pdf",
          "https://csrc.nist.gov/publications/nistpubs/800%1e67%1eRev1/SP%1e800%1e67%1eRev1.pdf",
          "https://csrc.nist.gov/publications/fips/fips198%1e1/FIPS%1e198%1e1_final.pdf",
          "https://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf",
          "http://www.atsec.com/",
          "https://csrc.nist.gov/publications/nistpubs/800%1e38E/nist%1esp%1e800%1e38E.pdf",
          "https://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800%1e38F.pdf",
          "mailto:[email protected]",
          "https://www.ietf.org/rfc/rfc3447.txt",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Ar1.pdf",
          "https://csrc.nist.gov/publications/nistpubs/800%1e108/sp800%1e108.pdf",
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-56Cr1.pdf",
          "https://csrc.nist.gov/groups/STM/cmvp/documents/fips140-2/FIPS1402IG.pdf",
          "https://www.ietf.org/rfc/rfc3394.txt",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90B.pdf",
          "https://csrc.nist.gov/publications/nistpubs/800%1e38B/SP_800%1e38B.pdf",
          "https://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186%1e4.pdf",
          "https://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800%1e56Ar2.pdf"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 54
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_json_hash": null,
    "policy_pdf_hash": "7c1b173f9525294039c5fb22d01856b4f96191ec8a098702da09e470eb05cf3e",
    "policy_txt_hash": "ad6bce0fdca0c71fafee0ca1b100a42fa03bbe73abd42c79d35ce48b2606f296"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/June 2021_010721_0718.pdf",
    "date_sunset": null,
    "description": "VaultIP is a Silicon IP Security Module with a secure asset store protecting all valuable assets on your device. It is a stand-alone Root of Trust that offers key management and crypto functions needed for platform and application security. VaultIP offers all security services to manage your device securely through its lifecycle. These include Secure Debug, Secure Provisioning, HUK and Identity protection and secure authentication services. Secure Boot and Communication protocols such as TLS can leverage VaultIP to secure the boot process and protect private communication keys.",
    "embodiment": "Single Chip",
    "exceptions": [
      "Physical Security: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "3.0.6",
    "historical_reason": "SP 800-56Arev3 transition - replaced by certificate #4459",
    "hw_versions": "3.0.3",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "VaultIP",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "historical",
    "sw_versions": null,
    "tested_conf": [
      "Xilinx Zynq XC7Z045 FPGA"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2021-06-07",
        "lab": "atsec information security corporation",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Rambus Inc.",
    "vendor_url": "http://www.rambus.com"
  }
}