This page was not yet optimized for use on mobile devices.
Comparing certificates Experimental feature
You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.
ExtraHop Cryptographic Module |
ExtraHop Cryptographic Module |
|
---|---|---|
cert_id | 4561 | 4675 |
dgst | 315ef9b31f21c15d | bb12fc5a6af710c3 |
heuristics/algorithms | SHA-1A2293, HMAC-SHA2-512A2293, SHA2-512A2293, TDES-CMACA2293, AES-CFB8A2293, AES-CBCA2293, TDES-OFBA2293, AES-XTSA2293, HMAC-SHA3-224A2293, AES-ECBA2293, KAS-FFC-SSC Sp800-56Ar3A2293, SHA3-256A2293, TLS v1.3 KDFA2294, AES-GCMA2293, ECDSA SigVer (FIPS186-4)A2293, AES-CFB128A2293, DSA PQGVer (FIPS186-4)A2293, KDA HKDF SP800-56Cr2A2293, SHA2-384A2293, AES-CFB1A2293, TDES-CBCA2293, SHA3-512A2293, HMAC-SHA3-512A2293, PBKDFA2293, SHA3-224A2293, TDES-CFB8A2293, SHAKE-256A2293, TDES-CFB1A2293, AES-CMACA2293, AES-KWA2293, KDF SSHA2293, RSA KeyGen (FIPS186-4)A2293, SHAKE-128A2293, RSA SigGen (FIPS186-4)A2293, ECDSA KeyGen (FIPS186-4)A2293, HMAC-SHA3-256A2293, TDES-CFB64A2293, SHA2-256A2293, AES-GMACA2293, Counter DRBGA2293, RSA SigVer (FIPS186-4)A2293, AES-OFBA2293, TLS v1.2 KDF RFC7627A2293, AES-KWPA2293, ECDSA KeyVer (FIPS186-4)A2293, HMAC-SHA2-384A2293, DSA PQGGen (FIPS186-4)A2293, KDF TLSA2293, SHA2-224A2293, HMAC-SHA-1A2293, HMAC-SHA2-256A2293, HMAC-SHA2-224A2293, DSA KeyGen (FIPS186-4)A2293, AES-CCMA2293, TDES-ECBA2293, KAS-ECC-SSC Sp800-56Ar3A2293, DSA SigVer (FIPS186-4)A2293, HMAC-SHA3-384A2293, AES-CTRA2293, SHA3-384A2293 | TDES-OFBA4978, ECDSA KeyVer (FIPS186-4)A4978, KDF SSHA4978, TDES-CMACA4978, Counter DRBGA4978, KAS-FFC-SSC Sp800-56Ar3A4978, TDES-CFB8A4978, HMAC-SHA2-512A4978, TDES-CFB1A4978, TDES-CBCA4978, AES-KWA4978, SHAKE-128A4978, AES-OFBA4978, SHA2-384A4978, KDA HKDF SP800-56Cr2A4978, ECDSA SigGen (FIPS186-4)A4978, AES-CBCA4978, RSA KeyGen (FIPS186-4)A4978, SHA2-512A4978, SHA-1A4978, AES-CFB8A4978, HMAC-SHA2-384A4978, SHA2-256A4978, PBKDFA4978, SHA3-384A4978, SHAKE-256A4978, AES-CMACA4978, HMAC-SHA2-256A4978, ECDSA KeyGen (FIPS186-4)A4978, SHA2-224A4978, AES-CFB1A4978, KAS-ECC-SSC Sp800-56Ar3A4978, DSA SigVer (FIPS186-4)A4978, ECDSA SigVer (FIPS186-4)A4978, TDES-CFB64A4978, AES-XTSA4978, HMAC-SHA3-256A4978, AES-GMACA4978, SHA3-256A4978, HMAC-SHA3-224A4978, DSA PQGVer (FIPS186-4)A4978, HMAC-SHA-1A4978, AES-GCMA4978, RSA SigVer (FIPS186-4)A4978, DSA SigGen (FIPS186-4)A4978, TLS v1.2 KDF RFC7627A4978, AES-CTRA4978, AES-KWPA4978, SHA3-224A4978, DSA KeyGen (FIPS186-4)A4978, SHA3-512A4978, HMAC-SHA3-512A4978, TLS v1.3 KDFA4979, DSA PQGGen (FIPS186-4)A4978, TDES-ECBA4978, AES-CFB128A4978, AES-CCMA4978, HMAC-SHA2-224A4978, AES-ECBA4978, HMAC-SHA3-384A4978, RSA SigGen (FIPS186-4)A4978, KDF TLSA4978 |
pdf_data/keywords/fips_cert_id |
|
|
pdf_data/keywords/fips_certlike |
|
|
pdf_data/keywords/vendor |
|
|
pdf_data/keywords/symmetric_crypto |
|
|
pdf_data/keywords/asymmetric_crypto |
|
|
pdf_data/keywords/hash_function |
|
|
pdf_data/keywords/crypto_protocol |
|
|
pdf_data/keywords/randomness |
|
|
pdf_data/keywords/cipher_mode |
|
|
pdf_data/keywords/ecc_curve |
|
|
pdf_data/keywords/standard_id |
|
|
pdf_data/policy_metadata |
|
|
state/policy_pdf_hash | Different | Different |
state/policy_txt_hash | Different | Different |
web_data/caveat | When operated in approved mode. No assurance of the minimum strength of generated keys | When operated in approved mode. No assurance of the minimum strength of generated SSPs (e.g., keys) |
web_data/certificate_pdf_url | https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2023_010923_0844.pdf | https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/January 2024_010224_0801.pdf |
web_data/date_sunset | 29.01.2029 | |
web_data/description | The ExtraHop Cryptographic Module 1.0 is a cryptographic library embedded in the ExtraHop Reveal(x) 360 application software. The ExtraHop Cryptographic Module 1.0 offers symmetric encryption/decryption, digital signature generation/verification, hashing, cryptographic key generation, random number generation, message authentication, and key establishment functions to secure data-at-rest/data-in-flight and to support secure communications protocols (including SSH and TLS 1.2/1.3). | The ExtraHop Cryptographic Module 2.0 is a cryptographic library embedded in the ExtraHop Reveal(x) 360 application software. The ExtraHop Cryptographic Module 2.0 offers symmetric encryption/decryption, digital signature generation/verification, hashing, cryptographic key generation, random number generation, message authentication, and key establishment functions to secure data-at-rest/data-in-flight and to support secure communications protocols (including SSH and TLS 1.2/1.3). |
web_data/revoked_reason | Non-conformance to the FIPS 140-3 standard identified | |
web_data/status | revoked | active |
web_data/sw_versions | 1.0 | 2.0 |
web_data/tested_conf | ExtraHop OS 8.6 on VMware ESXi 6.7 running on Dell PowerEdge R640-XL with Intel Xeon Silver 4110 with PAA, ExtraHop OS 8.6 on VMware ESXi 6.7 running on Dell PowerEdge R640-XL with Intel Xeon Silver 4110 without PAA, ExtraHop OS 8.6 on VMware ESXi 7.0 running on Dell PowerEdge R740 with Intel Xeon Silver 4110 with PAA, ExtraHop OS 8.6 on VMware ESXi 7.0 running on Dell PowerEdge R740 with Intel Xeon Silver 4110 without PAA, ExtraHop OS 8.6 running on EDA 8200 appliance with Intel Xeon Silver 4110 with PAA, ExtraHop OS 8.6 running on EDA 8200 appliance with Intel Xeon Silver 4110 without PAA | Debian 9 running on a Dell PowerEdge R440 with an Intel® Xeon Silver 4214R with PAA, Debian 9 running on a Dell PowerEdge R440 with an Intel® Xeon Silver 4214R without PAA, , , , |
web_data/validation_history |
|
|