This page was not yet optimized for use on mobile devices.
Inline Crypto Engine (ICE)
Certificate #4797
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-, CMACAsymmetric Algorithms
ECCProtocols
IKE, IPsecBlock cipher modes
ECB, CTR, GCMTrusted Execution Environments
PSPSecurity level
Level 1, level 1Standards
FIPS 140-2, FIPS 140, SP 800-38D, SP 800-38B, SP 800-108, NIST SP 800-38DFile metadata
| Author | Ryan Thomas |
|---|---|
| Creation date | D:20240526172428-04'00' |
| Modification date | D:20240526172428-04'00' |
| Pages | 16 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
14.10.2024 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The certificate_pdf_url property was set to
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf.
- The certificate_pdf_url property was set to
-
16.09.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4797,
"dgst": "b43ec56948fb3f0e",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"AES#A4691",
"KBKDF#A4689",
"AES#A4690",
"KTS#A4690",
"AES#A4689"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"1.0"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 2
}
}
},
"certification_process": {},
"cipher_mode": {
"CTR": {
"CTR": 1
},
"ECB": {
"ECB": 4
},
"GCM": {
"GCM": 6
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"IKE": {
"IKE": 1
},
"IPsec": {
"IPsec": 3
}
},
"crypto_scheme": {},
"device_model": {},
"ecc_curve": {},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES 128, 256": 3,
"AES 256": 1,
"AES-GCM 128": 2,
"AES-GCM 256": 4
}
},
"fips_security_level": {
"Level": {
"Level 1": 3,
"level 1": 1
}
},
"hash_function": {},
"ic_data_group": {},
"javacard_api_const": {},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140": 1,
"FIPS 140-2": 10
},
"NIST": {
"NIST SP 800-38D": 2,
"SP 800-108": 3,
"SP 800-38B": 1,
"SP 800-38D": 3
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 5,
"AES-": 2
}
},
"constructions": {
"MAC": {
"CMAC": 6
}
}
},
"tee_name": {
"AMD": {
"PSP": 21
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Ryan Thomas",
"/CreationDate": "D:20240526172428-04\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20240526172428-04\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"pdf_file_size_bytes": 346016,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"http://csrc.nist.gov/groups/STM/cmvp/index.html"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 16
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "66668961e6e6d670d717dcde6a8d22bf33c6f296dcb6310d1b0f3b26beff2b61",
"policy_txt_hash": "79f72e5962445073e9de40fafaf50221e5f2204f545fb5c679ba515982ee6d37"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "None",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf",
"date_sunset": "2026-09-21",
"description": "The Inline Crypto Engine (ICE) module is comprised of a sub-chip cryptographic subsystem in the Google IN762 SoC. The module provides a cryptographic engine supporting cryptographic offload for IPsec and PSP protocols. The ICE module processes network infrastructure packets in both the Ingress and Egress directions. In addition to providing the cryptographic primitives for the security protocols it also provides packet integrity authentication and anti-replay protection.",
"embodiment": "Single Chip",
"exceptions": [
"Mitigation of Other Attacks: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": "1.0",
"level": 1,
"mentioned_certs": {},
"module_name": "Inline Crypto Engine (ICE)",
"module_type": "Hardware",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-2",
"status": "active",
"sw_versions": null,
"tested_conf": [
"IN762 SoC C1"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-09-13",
"lab": "EWA CANADA",
"validation_type": "Initial"
}
],
"vendor": "Google, LLC",
"vendor_url": "http://www.google.com"
}
}