This page was not yet optimized for use on mobile
devices.
CryptoManager Root of Trust (CMRT)
Certificate #4325
Webpage information
Security policy
Symmetric Algorithms
AES, AES-, AES-256, TDEA, HMAC, HMAC-SHA-224, HMAC-SHA-256, HMAC-SHA-384, HMAC-SHA-512Asymmetric Algorithms
RSA-CRT, RSA-PSS, ECDH, ECDSA, Diffie-Hellman, DSAHash functions
SHA-224, SHA-256, SHA-384, SHA-512, SHA256, SHA224, SHA-2, SHA2Schemes
MAC, PKE, Key AgreementRandomness
TRNG, DRBGElliptic Curves
P-224, P-256, P-384, P-521, NIST P-256Block cipher modes
ECB, CBC, CTR, CFB, GCMTrusted Execution Environments
SSC, TEESecurity level
Level 2, level 2, Level 1Standards
FIPS 140-2, FIPS PUB 140-2, FIPS197, FIPS186-4, FIPS198-1, FIPS180-4, FIPS140-2, SP 800-56A, SP 800-38F, PKCS#1, RFC3394, RFC5649File metadata
| Title | CMRT_SecurityPolicy_1.0CM3 |
|---|---|
| Author | Marylene Palard |
| Creation date | D:20220908211221Z00'00' |
| Modification date | D:20220908211221Z00'00' |
| Pages | 42 |
| Creator | Word |
| Producer | macOS Version 11.5.2 (Build 20G95) Quartz PDFContext |
Heuristics
No heuristics are available for this certificate.
References
No references are available for this certificate.
Updates Feed
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate data changed.
-
The certificate was first processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4325,
"dgst": "7ca26aafbfe189a2",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES#A1102",
"KTS#A1102",
"KAS-SSC#A1102",
"HMAC#A1102",
"KDA#A1102",
"SHS#A1102",
"KBKDF#A1102",
"ECDSA#A1102",
"RSA#A1102",
"KAS#A1102",
"DRBG#A1102"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"02",
"21",
"2022"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECDH": {
"ECDH": 30
},
"ECDSA": {
"ECDSA": 47
}
},
"FF": {
"DH": {
"Diffie-Hellman": 6
},
"DSA": {
"DSA": 1
}
},
"RSA": {
"RSA-CRT": 7,
"RSA-PSS": 1
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 3
},
"CFB": {
"CFB": 1
},
"CTR": {
"CTR": 5
},
"ECB": {
"ECB": 2
},
"GCM": {
"GCM": 5
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {},
"crypto_scheme": {
"KA": {
"Key Agreement": 3
},
"MAC": {
"MAC": 5
},
"PKE": {
"PKE": 3
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"NIST P-256": 4,
"P-224": 20,
"P-256": 36,
"P-384": 20,
"P-521": 20
}
},
"eval_facility": {
"KTC": {
"KTC": 11
},
"atsec": {
"atsec": 44
}
},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES key 256": 1,
"AES- 256": 1,
"AES-256": 2,
"HMAC SHA 256": 1,
"HMAC SHA-512/256": 1,
"HMAC SHA256": 1,
"HMAC- SHA-256": 1,
"HMAC-SHA-2": 2,
"HMAC-SHA-224": 2,
"HMAC-SHA-256": 16,
"HMAC-SHA-384": 2,
"HMAC-SHA-512": 2,
"HMAC-SHA224 / 256": 4,
"PKCS#1": 8,
"SHA 256": 2,
"SHA-2": 1,
"SHA-224": 2,
"SHA-256": 9,
"SHA-384": 2,
"SHA-512": 3,
"SHA2": 3,
"SHA2- 224": 1,
"SHA2- 384": 1,
"SHA2-256": 1,
"SHA2-512": 1,
"SHA224": 3,
"SHA256": 7
}
},
"fips_security_level": {
"Level": {
"Level 1": 1,
"Level 2": 2,
"level 2": 1
}
},
"hash_function": {
"SHA": {
"SHA2": {
"SHA-2": 1,
"SHA-224": 2,
"SHA-256": 9,
"SHA-384": 2,
"SHA-512": 3,
"SHA2": 3,
"SHA224": 3,
"SHA256": 7
}
}
},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 20
},
"TRNG": {
"TRNG": 11
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-2": 53,
"FIPS PUB 140-2": 2,
"FIPS140-2": 2,
"FIPS180-4": 2,
"FIPS186-4": 5,
"FIPS197": 2,
"FIPS198-1": 4
},
"NIST": {
"SP 800-38F": 1,
"SP 800-56A": 1
},
"PKCS": {
"PKCS#1": 4
},
"RFC": {
"RFC3394": 1,
"RFC5649": 2
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 38,
"AES-": 1,
"AES-256": 2
}
},
"DES": {
"3DES": {
"TDEA": 1
}
},
"constructions": {
"MAC": {
"HMAC": 29,
"HMAC-SHA-224": 1,
"HMAC-SHA-256": 8,
"HMAC-SHA-384": 1,
"HMAC-SHA-512": 1
}
}
},
"tee_name": {
"IBM": {
"SSC": 2
},
"other": {
"TEE": 3
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Marylene Palard",
"/CreationDate": "D:20220908211221Z00\u002700\u0027",
"/Creator": "Word",
"/ModDate": "D:20220908211221Z00\u002700\u0027",
"/Producer": "macOS Version 11.5.2 (Build 20G95) Quartz PDFContext",
"/Title": "CMRT_SecurityPolicy_1.0CM3",
"pdf_file_size_bytes": 878931,
"pdf_hyperlinks": {
"_type": "Set",
"elements": []
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 42
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_json_hash": null,
"policy_pdf_hash": "0a0f4ac040fd288f0bd9e6e8ca268ed14a5bef91b4bed3f9d0fe38fc6275a65a",
"policy_txt_hash": "819c802107104e161f29cad77b792efb6b71fb7bcafcd8ba2bae041b419925f1"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "None",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/October 2022_021122_1233_signed.pdf",
"date_sunset": "2026-09-21",
"description": "CMRT is a Silicon IP Security Module with a secure asset store protecting all valuable assets on your device. It is a stand-alone Root of Trust that offers key management and crypto functions needed for platform and application security. CMRT offers all security services to manage your device securely through its lifecycle. These include Secure Debug, Secure Provisioning, Identity protection and secure authentication services. Secure Boot and Communication protocols such as TLS can leverage CMRT to secure the boot process and protect private communication keys.",
"embodiment": "Single Chip",
"exceptions": [
"Mitigation of Other Attacks: N/A"
],
"fw_versions": "2022-02-21-gd74d034",
"historical_reason": null,
"hw_versions": "0x60000611",
"level": 2,
"mentioned_certs": {},
"module_name": "CryptoManager Root of Trust (CMRT)",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": null,
"tested_conf": [
"Xilinx Zynq XC7Z045 FPGA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2022-10-10",
"lab": "atsec information security corporation",
"validation_type": "Initial"
}
],
"vendor": "Rambus Inc.",
"vendor_url": "http://www.rambus.com"
}
}