This page was not yet optimized for use on mobile devices.

Integrated Management Complex (IMC) and B227 True Random Number Generator (TRNG) Firmware-Hybrid Cryptographic Module

Certificate #4798

Webpage information ?

Status	active
Validation dates	13.09.2024
Sunset date	21-09-2026
Standard	FIPS 140-2
Security level	1
Type	Firmware-Hybrid
Embodiment	Single Chip
Caveat	When operated in FIPS mode with modules [Google Titan-D] validated to FIPS 140-2 under Cert. #4367 operating in FIPS mode.
Exceptions	Mitigation of Other Attacks: N/A
Description	The Integrated Management Complex firmware manages functions such as power-on, reset, clock and power control, configuration, and security functions including encryption and decryption, key derivation, key generation, and hashing. The IMC performs these functions as ARM Trusted Execution Environment (TEE) firmware executing on two ARM-A53 processors within the IN762 SoC. The hardware comprises the B227 TRNG, which is a NIST SP800-90 A/B compliant TRNG employed by the IMC module for generating cryptographic keys.
Version (Hardware)	3.00b
Version (Firmware)	20240510
Tested configurations	IN762 SoC C1 with ARM Cortex-A53
Vendor	Google, LLC
References	This certificate's webpage directly references 1 certificates, transitively this expands into 1 certificates.

Certificate

Webpage

Security policy ?

Security target PDF TXT

Symmetric Algorithms

AES-, AES, CMAC

Hash functions

SHA-256

Randomness

TRNG, DRBG, RNG

Block cipher modes

ECB, CTR, GCM

Trusted Execution Environments

PSP, TEE

Security level

Level 1, level 1

Standards

FIPS 140-2, FIPS 140, FIPS 180-4, NIST SP 800-90, SP 800-38A, SP 800-38B, SP 800-90A, SP 800-108, SP 800-90B

File metadata

Author	Ryan Thomas
Creation date	D:20240719174912-04'00'
Modification date	D:20240719174912-04'00'
Pages	16
Creator	Microsoft® Word for Microsoft 365
Producer	Microsoft® Word for Microsoft 365

Heuristics ?

No heuristics are available for this certificate.

References ?

Updates ?

14.10.2024 The certificate data changed.
Certificate changed

The web extraction data was updated.
- The certificate_pdf_url property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf.
16.09.2024 The certificate was first processed.

New certificate

A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4798,
  "dgst": "bcaf29cf76c15716",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "AES#A2721",
        "KBKDF#A2469",
        "DRBG#A2469",
        "AES#A2469",
        "DRBG#A2721",
        "AES#A2932",
        "SHS#A2469"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "3.00"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": {
        "_type": "Set",
        "elements": [
          "4367"
        ]
      },
      "indirectly_referenced_by": null,
      "indirectly_referencing": {
        "_type": "Set",
        "elements": [
          "4367"
        ]
      }
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": [
        "4367"
      ]
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {},
      "certification_process": {},
      "cipher_mode": {
        "CTR": {
          "CTR": 1
        },
        "ECB": {
          "ECB": 1
        },
        "GCM": {
          "GCM": 1
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {},
      "device_model": {},
      "ecc_curve": {},
      "eval_facility": {
        "EWA": {
          "EWA-Canada": 1
        },
        "Intertek": {
          "Intertek": 1
        }
      },
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES-CBC 128": 1,
          "AES-CMAC 128": 1,
          "AES-CTR 256": 1,
          "DRBG 256": 2,
          "SHA-256": 2
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 3,
          "level 1": 1
        }
      },
      "hash_function": {
        "SHA": {
          "SHA2": {
            "SHA-256": 2
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 36
        },
        "RNG": {
          "RNG": 1
        },
        "TRNG": {
          "TRNG": 20
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140": 1,
          "FIPS 140-2": 13,
          "FIPS 180-4": 1
        },
        "NIST": {
          "NIST SP 800-90": 1,
          "SP 800-108": 2,
          "SP 800-38A": 2,
          "SP 800-38B": 1,
          "SP 800-90A": 17,
          "SP 800-90B": 4
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 1,
            "AES-": 1
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 2
          }
        }
      },
      "tee_name": {
        "AMD": {
          "PSP": 18
        },
        "other": {
          "TEE": 2
        }
      },
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Ryan Thomas",
      "/CreationDate": "D:20240719174912-04\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word for Microsoft 365",
      "/ModDate": "D:20240719174912-04\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word for Microsoft 365",
      "pdf_file_size_bytes": 497501,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://csrc.nist.gov/groups/STM/cmvp/index.html"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 16
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "f1c8f645e8958e8d90d8b7c418e4b263019e76bb1d6be369ab9089855d3e77ab",
    "policy_txt_hash": "c3a3b85c94e2203726cf3462846c454a08379a844b5a8348c347913931ab3ac3"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in FIPS mode with modules [Google Titan-D] validated to FIPS 140-2 under Cert. #4367 operating in FIPS mode.",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf",
    "date_sunset": "2026-09-21",
    "description": "The Integrated Management Complex firmware manages functions such as power-on, reset, clock and power control, configuration, and security functions including encryption and decryption, key derivation, key generation, and hashing. The IMC performs these functions as ARM Trusted Execution Environment (TEE) firmware executing on two ARM-A53 processors within the IN762 SoC. The hardware comprises the B227 TRNG, which is a NIST SP800-90 A/B compliant TRNG employed by the IMC module for generating cryptographic keys.",
    "embodiment": "Single Chip",
    "exceptions": [
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": "20240510",
    "historical_reason": null,
    "hw_versions": "3.00b",
    "level": 1,
    "mentioned_certs": {
      "4367": 1
    },
    "module_name": "Integrated Management Complex (IMC) and B227 True Random Number Generator (TRNG) Firmware-Hybrid Cryptographic Module",
    "module_type": "Firmware-Hybrid",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": null,
    "tested_conf": [
      "IN762 SoC C1 with ARM Cortex-A53"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-09-13",
        "lab": "EWA CANADA",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Google, LLC",
    "vendor_url": "http://www.google.com"
  }
}