cert_id |
4633 |
3614 |
dgst |
6656cb1339533eec |
cd2d7b379cbdcdfd |
heuristics/algorithms |
AES#A3223, RSA#A3223, KTS#A3223, ECDSA#A3223, DRBG#349, KAS-SSC#A3223, KAS#A3223, CVL#A3223, DSA#A3223, Triple-DES#A3223, HMAC#A3223, SHS#A3223 |
ECDSA#C212, HMAC#C212, KTS#C212, SHS#C212, RSA#C212, AES#C212, DRBG#349, DSA#C212, CVL#C212, Triple-DES#C212 |
heuristics/cpe_matches |
{} |
{} |
heuristics/direct_transitive_cves |
{} |
{} |
heuristics/extracted_versions |
1.0.1 |
1.0.1 |
heuristics/indirect_transitive_cves |
{} |
{} |
heuristics/module_processed_references/directly_referenced_by |
{} |
{} |
heuristics/module_processed_references/directly_referencing |
{} |
{} |
heuristics/module_processed_references/indirectly_referenced_by |
{} |
{} |
heuristics/module_processed_references/indirectly_referencing |
{} |
{} |
heuristics/module_prunned_references |
{} |
{} |
heuristics/policy_processed_references/directly_referenced_by |
{} |
{} |
heuristics/policy_processed_references/directly_referencing |
{} |
{} |
heuristics/policy_processed_references/indirectly_referenced_by |
{} |
{} |
heuristics/policy_processed_references/indirectly_referencing |
{} |
{} |
heuristics/policy_prunned_references |
{} |
{} |
heuristics/related_cves |
{} |
{} |
heuristics/verified_cpe_matches |
{} |
{} |
pdf_data/keywords/fips_cert_id |
|
|
pdf_data/keywords/fips_security_level |
|
|
pdf_data/keywords/fips_certlike |
- Certlike:
- #349 DRBG: 1
- HMAC- SHA1: 4
- HMAC-SHA1: 4
- PKCS1: 8
- RSA 2048: 2
- SHA- 224: 5
- SHA- 256: 4
- SHA- 384: 1
- SHA- 512: 4
- SHA- 512 160: 1
- SHA-1: 7
- SHA-2: 1
- SHA-224: 6
- SHA-256: 13
- SHA-384: 10
- SHA-512: 5
- SHA-512 224: 1
- SHA1: 4
- SHA2-256: 2
|
- Certlike:
- #349 DRBG: 1
- HMAC- SHA1: 3
- HMAC-SHA1: 4
- PKCS1: 8
- RSA 2048: 2
- SHA- 224: 5
- SHA- 256: 4
- SHA- 512: 4
- SHA- 512 160: 1
- SHA-1: 8
- SHA-2: 1
- SHA-224: 6
- SHA-256: 13
- SHA-384: 11
- SHA-512: 5
- SHA-512 224: 1
- SHA1: 3
- SHA2-256: 2
|
pdf_data/keywords/vendor |
|
|
pdf_data/keywords/eval_facility |
|
|
pdf_data/keywords/symmetric_crypto |
- AES_competition:
- DES:
- constructions:
|
- AES_competition:
- DES:
- constructions:
|
pdf_data/keywords/asymmetric_crypto |
|
|
pdf_data/keywords/pq_crypto |
|
|
pdf_data/keywords/hash_function |
- MD:
- SHA:
- SHA1:
- SHA2:
- SHA-2: 1
- SHA-224: 6
- SHA-256: 13
- SHA-384: 10
- SHA-512: 6
- SHAKE:
|
- MD:
- SHA:
- SHA1:
- SHA2:
- SHA-2: 1
- SHA-224: 6
- SHA-256: 13
- SHA-384: 11
- SHA-512: 6
- SHAKE:
|
pdf_data/keywords/crypto_scheme |
|
|
pdf_data/keywords/crypto_protocol |
|
|
pdf_data/keywords/randomness |
|
|
pdf_data/keywords/cipher_mode |
|
|
pdf_data/keywords/ecc_curve |
- Edwards:
- NIST:
- NIST P-521: 1
- P-160: 1
- P-192: 2
- P-224: 8
- P-256: 12
- P-320: 1
- P-384: 10
- P-512: 1
- P-521: 9
|
- Edwards:
- NIST:
- NIST P-521: 1
- P-160: 1
- P-192: 2
- P-224: 8
- P-256: 10
- P-320: 1
- P-384: 8
- P-512: 1
- P-521: 7
|
pdf_data/keywords/crypto_engine |
|
|
pdf_data/keywords/tls_cipher_suite |
|
|
pdf_data/keywords/crypto_library |
|
|
pdf_data/keywords/vulnerability |
|
|
pdf_data/keywords/side_channel_analysis |
|
|
pdf_data/keywords/device_model |
|
|
pdf_data/keywords/tee_name |
|
|
pdf_data/keywords/os_name |
|
|
pdf_data/keywords/cplc_data |
|
|
pdf_data/keywords/ic_data_group |
|
|
pdf_data/keywords/standard_id |
- FIPS:
- FIPS 140-2: 8
- FIPS 180-4: 1
- FIPS 186-2: 1
- FIPS 186-4: 9
- FIPS 197: 2
- FIPS 198-1: 1
- FIPS140-2: 1
- NIST:
- SP 800-133: 1
- SP 800-135: 1
- SP 800-38D: 1
- SP 800-38F: 1
- SP 800-56A: 1
- SP 800-67: 1
- PKCS:
|
- FIPS:
- FIPS 140-2: 10
- FIPS 180-4: 1
- FIPS 186-2: 1
- FIPS 186-4: 9
- FIPS 197: 2
- FIPS 198-1: 1
- FIPS140-2: 1
- NIST:
- SP 800-133: 1
- SP 800-135: 1
- SP 800-38D: 1
- SP 800-38F: 1
- SP 800-67: 1
- PKCS:
|
pdf_data/keywords/javacard_version |
|
|
pdf_data/keywords/javacard_api_const |
|
|
pdf_data/keywords/javacard_packages |
|
|
pdf_data/keywords/certification_process |
|
|
pdf_data/policy_metadata |
|
- /Author:
- /CreationDate: D:20200122162336-03'00'
- /Creator: LaTeX with hyperref package
- /Keywords:
- /ModDate: D:20200122162336-03'00'
- /PTEX.Fullbanner: This is pdfTeX, Version 3.14159265-2.6-1.40.16 (TeX Live 2015/Debian) kpathsea version 6.2.1
- /Producer: Kryptus Information Security Solutions
- /Subject:
- /Title: ASI-HSM AHX5 KNET Cryptographic Module Non-Proprietary Security Policy
- /Trapped: /False
- pdf_file_size_bytes: 3336571
- pdf_hyperlinks: https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=10573
- pdf_is_encrypted: False
- pdf_number_of_pages: 44
|
state/module_download_ok |
True |
True |
state/module_extract_ok |
True |
True |
state/policy_convert_garbage |
False |
False |
state/policy_convert_ok |
True |
True |
state/policy_download_ok |
True |
True |
state/policy_extract_ok |
True |
True |
state/policy_pdf_hash |
Different |
Different |
state/policy_txt_hash |
Different |
Different |
web_data/caveat |
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. |
When operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy. |
web_data/certificate_pdf_url |
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/October 2023_011123_0711.pdf |
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/February 2020_020320.pdf |
web_data/date_sunset |
03.02.2025 |
|
web_data/description |
The module exists to provide cryptographic services to applications running on behalf of its users which communicate with it via a standard Ethernet interface using IP protocols. In order to provide these services, the module also requires a power supply. The module is usually sold embedded within a stand-alone network appliance. That appliance is typically used in large-scale cloud infrastructures, where ease of remote configuration and operation is required. |
The module exists to provide cryptographic services to applications running on behalf of its users which communicate with it via a standard Ethernet interface using IP protocols. In order to provide these services, the module also requires a power supply. The module is usually sold embedded within a stand-alone network appliance. That appliance is typically used in large-scale cloud infrastructures, where ease of remote configuration and operation is required. |
web_data/embodiment |
Multi-Chip Embedded |
Multi-Chip Embedded |
web_data/exceptions |
Mitigation of Other Attacks: N/A |
Mitigation of Other Attacks: N/A |
web_data/fw_versions |
1, ., 0, ., 1 |
1, ., 0, ., 1 |
web_data/historical_reason |
|
SP 800-56Arev3 transition |
web_data/hw_versions |
1, ., 0, ., 1 |
1, ., 0, ., 1 |
web_data/level |
3 |
3 |
web_data/mentioned_certs |
|
|
web_data/module_name |
ASI-HSM AHX5 KNET Cryptographic Module |
ASI-HSM AHX5 KNET Cryptographic Module |
web_data/module_type |
Hardware |
Hardware |
web_data/revoked_link |
None |
None |
web_data/revoked_reason |
None |
None |
web_data/standard |
FIPS 140-2 |
FIPS 140-2 |
web_data/status |
active |
historical |
web_data/sw_versions |
None |
None |
web_data/tested_conf |
[] |
[] |
web_data/validation_history |
- date: 11.10.2023
- lab: EWA CANADA
- validation_type: Initial
|
- date: 04.02.2020
- lab: EWA CANADA
- validation_type: Initial
|
web_data/vendor |
KRYPTUS S.A. |
KRYPTUS S.A. |
web_data/vendor_url |
http://www.kryptus.com |
http://www.kryptus.com |