Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.
Entrust Authority™ Security Kernel
Entrust Authority™ Security Kernel
cert_id 3981 1702
dgst 11bec72dc466196d 7a64ce427ce0ca96
heuristics/algorithms SHS#C600, HMAC#C604, DSA#C602, AES#C614, CVL#C607, DRBG#C601, RSA#C605, Triple-DES#C606, CVL#C605, KTS#C614, ECDSA#C603 CVL#111, SHS#2206, ECDSA#454, DSA#610, ECDSA#275, RSA#992, DSA#794, Triple-DES#1580, DRBG#167, CVL#15, RSA#1345, AES#1923, SHS#1689, Triple-DES MAC#1253, HMAC#1628, Triple-DES#1253, HMAC#1158, DRBG#405, AES#2631
heuristics/module_processed_references/directly_referencing 2936 {}
heuristics/module_processed_references/indirectly_referencing 2932, 3501, 2936, 2931, 2933, 3487, 3502 {}
heuristics/module_prunned_references 2936 {}
heuristics/policy_processed_references/directly_referencing 2936 {}
heuristics/policy_processed_references/indirectly_referencing 2932, 3501, 2936, 2931, 2933, 3487, 3502 {}
heuristics/policy_prunned_references 2936 {}
pdf_data/keywords/fips_cert_id
  • Cert:
    • #2936: 1
  • Cert:
    • #111: 1
    • #1158: 1
    • #1253: 2
    • #1345: 1
    • #15: 1
    • #1580: 1
    • #167: 1
    • #1689: 1
    • #1923: 2
    • #2206: 1
    • #2631: 2
    • #275: 1
    • #405: 1
    • #454: 1
    • #610: 1
    • #794: 1
    • #992: 1
pdf_data/keywords/fips_security_level
  • Level:
    • Level 1: 1
    • Level 2: 23
    • level 2: 3
  • Level:
    • Level 1: 1
    • Level 2: 18
    • level 2: 4
pdf_data/keywords/fips_certlike
  • Certlike:
    • AES-128: 2
    • AES-192: 2
    • AES-256: 2
    • DSA (1024: 1
    • DSA-1024: 2
    • DSA-512: 1
    • HMAC-SHA1: 5
    • HMAC-SHA1 (160: 1
    • HMAC-SHA224: 5
    • HMAC-SHA224 (224: 1
    • HMAC-SHA256: 5
    • HMAC-SHA256 (256: 1
    • HMAC-SHA384: 5
    • HMAC-SHA384 (384: 1
    • HMAC-SHA512: 5
    • HMAC-SHA512 (512: 1
    • HMAC256: 4
    • SHA-1: 2
    • SHA-2: 4
    • SHA1: 3
    • SHA224: 2
    • SHA256: 2
    • SHA384: 2
    • SHA512: 4
    • SHA512 (256: 1
  • Certlike:
    • AES 128 bit (128: 1
    • AES GCM 128: 1
    • AES-128: 1
    • AES-192: 1
    • AES-256: 1
    • DES 64: 1
    • DSA-1024: 2
    • DSA-512: 1
    • HMAC-SHA1: 5
    • HMAC-SHA1 (160: 1
    • HMAC-SHA224: 5
    • HMAC-SHA224 (224: 1
    • HMAC-SHA256: 5
    • HMAC-SHA256 (256: 1
    • HMAC-SHA384: 5
    • HMAC-SHA384 (384: 1
    • HMAC-SHA512: 5
    • HMAC-SHA512 (512: 1
    • PKCS 11: 8
    • PKCS11: 2
    • SHA-1: 5
    • SHA1: 5
    • SHA224: 2
    • SHA256: 2
    • SHA384: 2
    • SHA512: 4
    • SHA512 (256: 1
pdf_data/keywords/vendor
  • Microsoft:
    • Microsoft: 4
  • Microsoft:
    • Microsoft: 3
pdf_data/keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 13
      • AES-128: 2
      • AES-192: 2
      • AES-256: 2
  • DES:
    • 3DES:
      • TDES: 2
      • Triple-DES: 13
  • constructions:
    • MAC:
      • HMAC: 8
  • AES_competition:
    • AES:
      • AES: 6
      • AES-128: 1
      • AES-192: 1
      • AES-256: 1
    • CAST:
      • CAST: 1
      • CAST5: 1
    • RC:
      • RC2: 1
      • RC4: 1
  • DES:
    • 3DES:
      • Triple-DES: 10
    • DES:
      • DES: 1
  • constructions:
    • MAC:
      • HMAC: 6
  • miscellaneous:
    • IDEA:
      • IDEA: 1
pdf_data/keywords/asymmetric_crypto
  • ECC:
    • ECC:
      • ECC: 4
    • ECDH:
      • ECDH: 15
    • ECDSA:
      • ECDSA: 10
  • FF:
    • DH:
      • DH: 1
    • DSA:
      • DSA: 7
  • RSA:
    • RSA-1024: 1
    • RSA-2048: 5
    • RSA-3072: 2
    • RSA-4096: 2
    • RSA-512: 1
  • ECC:
    • ECC:
      • ECC: 3
    • ECDH:
      • ECDH: 10
    • ECDSA:
      • ECDSA: 5
  • FF:
    • DH:
      • DH: 5
    • DSA:
      • DSA: 5
  • RSA:
    • RSA-1024: 4
    • RSA-2048: 2
    • RSA-3072: 2
    • RSA-512: 3
pdf_data/keywords/hash_function
  • SHA:
    • SHA1:
      • SHA-1: 2
      • SHA1: 3
    • SHA2:
      • SHA-2: 4
      • SHA224: 2
      • SHA256: 2
      • SHA384: 2
      • SHA512: 5
  • MD:
    • MD5:
      • MD5: 1
  • SHA:
    • SHA1:
      • SHA-1: 5
      • SHA1: 5
    • SHA2:
      • SHA224: 2
      • SHA256: 2
      • SHA384: 2
      • SHA512: 5
pdf_data/keywords/crypto_scheme
  • KA:
    • Key Agreement: 9
  • MAC:
    • MAC: 11
  • PAKE:
    • PAKE: 1
  • KA:
    • Key Agreement: 5
  • MAC:
    • MAC: 8
  • PAKE:
    • PAKE: 1
pdf_data/keywords/crypto_protocol
  • TLS:
    • SSL:
      • SSL: 1
  • TLS:
    • SSL:
      • SSL: 2
pdf_data/keywords/randomness
  • PRNG:
    • DRBG: 6
  • PRNG:
    • DRBG: 3
pdf_data/keywords/cipher_mode
  • CBC:
    • CBC: 2
  • ECB:
    • ECB: 2
  • GCM:
    • GCM: 4
  • GCM:
    • GCM: 2
pdf_data/keywords/standard_id
  • FIPS:
    • FIPS 1: 1
    • FIPS 140-2: 17
    • FIPS 180-4: 2
    • FIPS 186-2: 3
    • FIPS 186-4: 5
    • FIPS 197: 1
    • FIPS 198-1: 2
    • FIPS PUB 140-2: 1
  • NIST:
    • NIST SP 800-135: 1
    • SP 800-135: 1
    • SP 800-38D: 2
    • SP 800-38F: 1
  • RFC:
    • RFC-5639: 1
  • FIPS:
    • FIPS 140-2: 14
    • FIPS 186-2: 3
    • FIPS 186-3: 3
    • FIPS PUB 140-2: 1
  • NIST:
    • SP 800-135: 1
    • SP 800-56A: 1
  • PKCS:
    • PKCS 11: 4
    • PKCS11: 1
pdf_data/policy_metadata
  • /Author: lgarcia
  • /CreationDate: D:20160711164938-07'00'
  • /Creator: PScript5.dll Version 5.2.2
  • /ModDate: D:20160711164938-07'00'
  • /Producer: Acrobat Distiller 11.0 (Windows)
  • /Title: Microsoft Word - 401f - Entrust_BaseSK_8.1sp1_R3_FIPS140-2(level2)_Security_Policy.doc
  • pdf_file_size_bytes: 266680
  • pdf_hyperlinks: {}
  • pdf_is_encrypted: False
  • pdf_number_of_pages: 18
state/policy_pdf_hash Different Different
state/policy_txt_hash Different Different
web_data/caveat When operated in FIPS mode with module [Cryptographic Primitives Library (bcryptprimitives.dll and ncryptsslp.dll) in Windows Server 2016 Standard] validated to FIPS 140-2 under Cert. #2936 operating in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy When operated in FIPS mode
web_data/certificate_pdf_url https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/July 2021_020821_0740_signed.pdf https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertList0016.pdf
web_data/description The Security Kernel is a C++ implementation of cryptographic functions accessible by an object-oriented API. Depending on configuration, the algorithms may be implemented in software, hardware, or both. By managing the full lifecycles of digital certificate-based identities, Entrust Authority PKI enables encryption, digital signature and certificate authentication capabilities to be consistently and transparently applied across a broad range of applications and platforms.
web_data/exceptions Physical Security: N/A, Mitigation of Other Attacks: N/A []
web_data/historical_reason Moved to historical list due to dependency on certificate #2937 Moved to historical list due to sunsetting
web_data/mentioned_certs
  • 2936: 1
web_data/sw_versions 1.0 and 1.1 8.1sp1, 8.1sp1R2 and 8.1sp1R3
web_data/tested_conf Microsoft Windows Server 2016 Standard Edition running on a HP Compaq Pro 6305 with an AMD A4 (single-user mode) Windows Server 2008 R2 Enterprise Edition running on Dell Optiplex 755
web_data/validation_history
  • date: 15.07.2021
  • lab: UL VERIFICATION SERVICES INC
  • validation_type: Initial
  • date: 12.04.2012
  • lab: UL VERIFICATION SERVICES INC
  • validation_type: Initial
web_data/vendor Entrust Corporation Entrust, Inc.