Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.
Nutanix Cryptographic Module for OpenSSH Server
Nutanix Cryptographic Module for OpenSSH Server
cert_id 3473 4365
dgst 18c6b6f840407250 a473459996b96ce0
heuristics/algorithms HMAC#3708, AES#5562, SHS#4465, AES#C661, DRBG#2216, ECDSA#1499, CVL#1998, CVL#1994 KAS#A1403, SHS#A1403, CVL#A1405, KAS#A1405, KAS-SSC#A1403, KTS#A1403, ECDSA#A1403, DRBG#A1403, AES#A1403, HMAC#A1403
heuristics/module_processed_references/directly_referencing 3460 4249
heuristics/module_processed_references/indirectly_referencing 3460 4249
heuristics/module_prunned_references 3460 4249
heuristics/policy_processed_references/directly_referencing 3460 4249
heuristics/policy_processed_references/indirectly_referencing 3460 4249
heuristics/policy_prunned_references 3460 4249
pdf_data/keywords/fips_cert_id
  • Cert:
    • #3460: 6
  • Cert:
    • #4249: 6
pdf_data/keywords/fips_certlike
  • Certlike:
    • AES [197: 1
    • AES-128: 2
    • AES-192: 1
    • AES-256: 3
    • HMAC [198: 1
    • HMAC-SHA-1: 2
    • HMAC-SHA-256: 6
    • HMAC-SHA-512: 2
    • SHA-1: 2
    • SHA-2: 1
    • SHA-224: 1
    • SHA-256: 2
    • SHA-384: 2
    • SHA-512: 1
    • SHS [180: 1
  • Certlike:
    • AES [197: 1
    • AES-128: 4
    • AES-192: 3
    • AES-256: 4
    • HMAC [198: 1
    • HMAC-SHA-1: 4
    • HMAC-SHA-256: 6
    • HMAC-SHA-512: 2
    • SHA-1: 4
    • SHA-2: 1
    • SHA-224: 1
    • SHA-256: 1
    • SHA-384: 1
    • SHA-512: 1
    • SHA2-256: 2
    • SHA2-384: 2
    • SHA2-512: 2
    • SHS [180: 1
pdf_data/keywords/symmetric_crypto
  • AES_competition:
    • AES:
      • AES: 4
      • AES-128: 2
      • AES-192: 1
      • AES-256: 3
  • constructions:
    • MAC:
      • HMAC: 6
      • HMAC-SHA-256: 3
      • HMAC-SHA-512: 1
  • AES_competition:
    • AES:
      • AES: 4
      • AES-128: 4
      • AES-192: 3
      • AES-256: 4
  • constructions:
    • MAC:
      • HMAC: 7
      • HMAC-SHA-256: 3
      • HMAC-SHA-512: 1
pdf_data/keywords/asymmetric_crypto
  • ECC:
    • ECC:
      • ECC: 5
    • ECDSA:
      • ECDSA: 1
  • FF:
    • DH:
      • Diffie-Hellman: 2
  • ECC:
    • ECC:
      • ECC: 6
    • ECDSA:
      • ECDSA: 2
pdf_data/keywords/hash_function
  • SHA:
    • SHA1:
      • SHA-1: 2
    • SHA2:
      • SHA-2: 1
      • SHA-224: 1
      • SHA-256: 2
      • SHA-384: 2
      • SHA-512: 1
  • SHA:
    • SHA1:
      • SHA-1: 4
    • SHA2:
      • SHA-2: 1
      • SHA-224: 1
      • SHA-256: 1
      • SHA-384: 1
      • SHA-512: 1
pdf_data/keywords/crypto_scheme
  • KEX:
    • Key exchange: 3
  • MAC:
    • MAC: 3
  • KEX:
    • Key exchange: 2
  • MAC:
    • MAC: 4
pdf_data/keywords/crypto_protocol
  • SSH:
    • SSH: 15
  • TLS:
    • TLS:
      • TLS: 1
  • SSH:
    • SSH: 14
  • TLS:
    • TLS:
      • TLS: 1
pdf_data/keywords/randomness
  • PRNG:
    • DRBG: 3
  • PRNG:
    • DRBG: 4
pdf_data/keywords/cipher_mode
  • CBC:
    • CBC: 1
  • CCM:
    • CCM: 2
  • GCM:
    • GCM: 6
  • CBC:
    • CBC: 1
  • CCM:
    • CCM: 2
  • CTR:
    • CTR: 1
  • GCM:
    • GCM: 5
pdf_data/keywords/ecc_curve
  • NIST:
    • P-256: 8
    • P-384: 8
    • P-521: 6
  • NIST:
    • P-256: 10
    • P-384: 10
    • P-521: 6
pdf_data/keywords/crypto_library
  • OpenSSL:
    • OpenSSL: 4
  • OpenSSL:
    • OpenSSL: 6
pdf_data/keywords/tee_name
  • IBM:
    • SSC: 4
pdf_data/keywords/standard_id
  • FIPS:
    • FIPS 140-2: 16
    • FIPS 180-4: 1
    • FIPS 186-4: 1
    • FIPS 197: 1
    • FIPS 198-1: 1
  • NIST:
    • NIST SP 800-135: 1
    • NIST SP 800-38A: 1
    • NIST SP 800-38C: 1
    • NIST SP 800-38D: 1
    • NIST SP 800-56A: 1
    • NIST SP 800-57: 1
    • NIST SP 800-90A: 1
    • SP 800-131A: 1
  • FIPS:
    • FIPS 140-2: 19
    • FIPS 180-4: 1
    • FIPS 186-4: 1
    • FIPS 197: 1
    • FIPS 198-1: 1
  • NIST:
    • NIST SP 800-131A: 1
    • NIST SP 800-135: 1
    • NIST SP 800-38A: 1
    • NIST SP 800-38C: 1
    • NIST SP 800-38D: 1
    • NIST SP 800-38F: 1
    • NIST SP 800-56A: 1
    • NIST SP 800-57: 1
    • NIST SP 800-90A: 1
pdf_data/keywords/javacard_api_const
  • curves:
    • ED25519: 1
pdf_data/policy_metadata
state/policy_pdf_hash Different Different
state/policy_txt_hash Different Different
web_data/caveat When operated in FIPS mode with Nutanix Cryptographic Module for OpenSSL validated to FIPS 140-2 under Cert. #3460 operating in FIPS mode When operated in FIPS mode and configured as specified in Section 3 of the Security Policy with the Nutanix Cryptographic Module for OpenSSL validated to FIPS 140-2 under Cert. #4249 operating in FIPS mode. No assurance of the minimum strength of generated keys
web_data/certificate_pdf_url https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/JuneConsolidated.pdf https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/November 2022_051222_0640_signed.pdf
web_data/date_sunset 21.09.2026
web_data/description The Nutanix Cryptographic Module for OpenSSH Server provides server-side support for SSH version 2. This cryptographic module functions together with the Nutanix Cryptographic Module for OpenSSL to provide FIPS validated cryptography for SSH connections. The Nutanix Cryptographic Module for OpenSSH Server is a cryptographic software module, designated as a multi-chip standalone embodiment, and used in Nutanix solutions to provide FIPS 140-2 Approved SSH server-side secure communication.
web_data/historical_reason SP 800-56Arev3 transition None
web_data/mentioned_certs
  • 3460: 1
  • 4249: 1
web_data/status historical active
web_data/sw_versions OpenSSH server RPM package 7.4p1-16.el7 and fipscheck RPM package 1.4.1-6.el7 6.0
web_data/tested_conf CentOS 7.5 running on Nutanix NX-3360-G6 with Intel Xeon Silver-4116 with PAA, CentOS 7.5 running on Nutanix NX-3360-G6 with Intel Xeon Silver-4116 without PAA (single-user mode), None, None CentOS 7.9 on Nutanix Acropolis Hypervisor (AHV) 7.1.1 running on a Nutanix NX-3360-G7 with an Intel® Xeon® Gold 6234 with PAA, CentOS 7.9 on Nutanix Acropolis Hypervisor (AHV) 7.1.1 running on a Nutanix NX-3360-G7 with an Intel® Xeon® Gold 6234 without PAA, CentOS 7.9 running on a Nutanix NX-3360-G7 with an Intel® Xeon® Gold 6234 with PAA, CentOS 7.9 running on a Nutanix NX-3360-G7 with an Intel® Xeon® Gold 6234 without PAA (single-user mode)
web_data/validation_history
  • date: 12.06.2019
  • lab: UL VERIFICATION SERVICES INC
  • validation_type: Initial
  • date: 14.11.2022
  • lab: Lightship Security, Inc.
  • validation_type: Initial