This page was not yet optimized for use on mobile devices.

Comparing certificates Experimental feature

You are comparing two certificates. By default, only differing attributes are shown. Use the button below to show/hide all attributes.

Showing only differing attributes.

	TrustedKeep Encryption Module	TrustedKeep Encryption Module
cert_id	3078	3763
dgst	7ddc73742388547e	f6c55a0ce33fc2c9
heuristics/algorithms	Triple-DES#2466, DRBG#1563, CVL#1295, SHS#3801, AES#4637, HMAC#3070, ECDSA#1142, DSA#1227, RSA#2532	ECDSA#C1743, HMAC#C1743, AES#C1743, SHS#C1743, RSA#C1743, DRBG#C1743, Triple-DES#C1743, CVL#C1743, KTS#C1743
heuristics/cpe_matches	{}	{}
heuristics/direct_transitive_cves	{}	{}
heuristics/extracted_versions	-	-
heuristics/indirect_transitive_cves	{}	{}
heuristics/module_processed_references/directly_referenced_by	{}	{}
heuristics/module_processed_references/directly_referencing	{}	{}
heuristics/module_processed_references/indirectly_referenced_by	{}	{}
heuristics/module_processed_references/indirectly_referencing	{}	{}
heuristics/module_prunned_references	{}	{}
heuristics/policy_processed_references/directly_referenced_by	{}	2654
heuristics/policy_processed_references/directly_referencing	{}	{}
heuristics/policy_processed_references/indirectly_referenced_by	{}	2654
heuristics/policy_processed_references/indirectly_referencing	{}	{}
heuristics/policy_prunned_references	{}	{}
heuristics/related_cves	{}	{}
heuristics/verified_cpe_matches	{}	{}
pdf_data/keywords/fips_cert_id	Cert: #1142: 1 #1227: 1 #1295: 1 #1563: 1 #2466: 1 #2532: 2 #3070: 1 #3801: 1 #4637: 1
pdf_data/keywords/fips_security_level		Level: Level 1: 2
pdf_data/keywords/fips_certlike	Certlike: AES 128/192/256: 1 AES, 256: 1 CVL #1295: 1 HMAC SHA-1: 1 HMAC-SHA-1: 6 HMAC-SHA1: 8 PAA1: 1 PKCS#1: 2 SHA- 1: 1 SHA- 256: 1 SHA-1: 22 SHA-1, 224: 39 SHA-1, 256: 2 SHA-2: 1 SHA-2 (224: 2 SHA-224: 4 SHA-256: 6 SHA-384: 1 SHA-512: 3 SHA1: 1 SHA224: 1 SHA256: 3 SHA384: 1 SHA512: 2	Certlike: AES-256: 1 HMAC- SHA-224: 1 HMAC- SHA-512: 1 HMAC-SHA-1: 4 HMAC-SHA-256: 2 HMAC-SHA-384: 2 HMAC-SHA-512: 4 PAA 2: 1 SHA- 256: 1 SHA-1: 2 SHA-224: 2 SHA-256: 2 SHA-384: 1 SHA-512: 3 SHA2-224: 1 SHA2-256: 1 SHA2-384: 1 SHA2-512: 1
pdf_data/keywords/vendor
pdf_data/keywords/eval_facility
pdf_data/keywords/symmetric_crypto	AES_competition: AES: AES: 22 DES: 3DES: TDEA: 1 TDES: 8 Triple-DES: 1 constructions: MAC: CMAC: 15 HMAC: 7	AES_competition: AES: AES: 17 AES-256: 1 DES: 3DES: TDEA: 1 Triple-DES: 15 DES: DES: 3 constructions: MAC: CMAC: 1 HMAC: 6 HMAC-SHA-256: 1 HMAC-SHA-384: 1 HMAC-SHA-512: 2
pdf_data/keywords/asymmetric_crypto	ECC: ECC: ECC: 4 ECDSA: ECDSA: 16 FF: DH: DH: 8 Diffie-Hellman: 1 DSA: DSA: 16	ECC: ECC: ECC: 1 ECDSA: ECDSA: 18 FF: DH: DH: 6 Diffie-Hellman: 3
pdf_data/keywords/pq_crypto
pdf_data/keywords/hash_function	SHA: SHA1: SHA-1: 63 SHA1: 1 SHA2: SHA-2: 3 SHA-224: 4 SHA-256: 6 SHA-384: 1 SHA-512: 3 SHA224: 1 SHA256: 3 SHA384: 1 SHA512: 2	MD: MD4: MD4: 2 MD5: MD5: 5 SHA: SHA1: SHA-1: 2 SHA2: SHA-224: 2 SHA-256: 2 SHA-384: 1 SHA-512: 3
pdf_data/keywords/crypto_scheme	KA: Key Agreement: 1 Key agreement: 2	KA: Key Agreement: 3 MAC: MAC: 1
pdf_data/keywords/crypto_protocol	SSH: SSH: 1 TLS: TLS: TLS: 2	TLS: TLS: TLS: 10 TLS 1.0: 1
pdf_data/keywords/randomness	PRNG: DRBG: 18	PRNG: DRBG: 8
pdf_data/keywords/cipher_mode	CBC: CBC: 3 CCM: CCM: 4 CFB: CFB: 3 CTR: CTR: 2 ECB: ECB: 3 GCM: GCM: 8 OFB: OFB: 1 XTS: XTS: 4	CBC: CBC: 3 CFB: CFB: 3 CTR: CTR: 2 ECB: ECB: 2 GCM: GCM: 4 OFB: OFB: 3
pdf_data/keywords/ecc_curve	NIST: B-163: 2 B-233: 2 B-283: 1 B-409: 1 B-571: 2 K-163: 1 K-233: 3 K-283: 2 K-409: 1 K-571: 1 P-192: 6 P-224: 4 P-256: 2 P-384: 4	NIST: P-224: 4 P-256: 6 P-384: 4 P-521: 2
pdf_data/keywords/crypto_engine
pdf_data/keywords/tls_cipher_suite
pdf_data/keywords/crypto_library	OpenSSL: OpenSSL: 1	BoringSSL: BoringSSL: 3
pdf_data/keywords/vulnerability
pdf_data/keywords/side_channel_analysis
pdf_data/keywords/device_model
pdf_data/keywords/tee_name
pdf_data/keywords/os_name
pdf_data/keywords/cplc_data
pdf_data/keywords/ic_data_group
pdf_data/keywords/standard_id	FIPS: FIPS 140-2: 10 FIPS 180-4: 2 FIPS 186-2: 4 FIPS 186-4: 8 FIPS 197: 2 FIPS 198: 1 FIPS 198-1: 1 NIST: SP 800-131A: 2 SP 800-133: 2 SP 800-38B: 2 SP 800-38C: 2 SP 800-38D: 2 SP 800-38E: 1 SP 800-56A: 4 SP 800-56B: 1 SP 800-67: 1 SP 800-89: 1 SP 800-90: 3 SP 800-90A: 2 PKCS: PKCS#1: 1 RFC: RFC5288: 1	FIPS: FIPS 140: 4 FIPS 140-2: 20 FIPS 180-4: 2 FIPS 186-4: 3 FIPS 197: 2 FIPS 198-1: 2 FIPS PUB 140-2: 1 NIST: NIST SP 800-131A: 1 NIST SP 800-133: 1 NIST SP 800-38D: 1 NIST SP 800-52: 1 NIST SP 800-90A: 1 SP 800-133: 2 SP 800-135: 2 SP 800-38A: 2 SP 800-38D: 2 SP 800-38F: 3 SP 800-52: 1 SP 800-56A: 1 SP 800-67: 2 SP 800-90A: 2 RFC: RFC 5246: 2 RFC 5288: 1
pdf_data/keywords/javacard_version
pdf_data/keywords/javacard_api_const
pdf_data/keywords/javacard_packages
pdf_data/keywords/certification_process
pdf_data/policy_metadata	/Author: Ryan Thomas /CreationDate: D:20171201105659-05'00' /Creator: Microsoft® Word 2016 /ModDate: D:20171201105659-05'00' /Producer: Microsoft® Word 2016 pdf_file_size_bytes: 871012 pdf_hyperlinks: http://openssl.org/ pdf_is_encrypted: False pdf_number_of_pages: 23	/Author: Ryan Thomas /CreationDate: D:20220630231954+05'30' /Creator: Microsoft® Word for Microsoft 365 /ModDate: D:20220630231954+05'30' /Producer: Microsoft® Word for Microsoft 365 pdf_file_size_bytes: 522109 pdf_hyperlinks: https://commondatastorage.googleapis.com/chromium-boringssl-fips/boringssl-ae223d6138807a13006342edfeef32e813246b39.tar.xz, http://csrc.nist.gov/groups/STM/cmvp/index.html pdf_is_encrypted: False pdf_number_of_pages: 23
state/module_download_ok	True	True
state/module_extract_ok	True	True
state/policy_convert_garbage	False	False
state/policy_convert_ok	True	True
state/policy_download_ok	True	True
state/policy_extract_ok	True	True
state/policy_pdf_hash	Different	Different
state/policy_txt_hash	Different	Different
web_data/caveat	When operated in FIPS mode as assumed by the Crypto Officer role and as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from the procedures outlined in the Security Policy will result in a non FIPS 140-2 compliant module.	When installed, initialized and configured as specified in Section 12.1 of the Security Policy and operated in FIPS mode. The module generates cryptographic keys whose strengths are modified by available entropy
web_data/certificate_pdf_url	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/FIPS140ConsolidatedCertDec2017.pdf	https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/December 2020_040121_1006_signed.pdf
web_data/date_sunset		12.07.2025
web_data/description	TrustedKeep is a secure object storage and sharing solution, providing robust access controls around your objects and securing them both in transit and at rest. It is designed from the ground up for object-level encryption, assigning a unique key to each object being stored, and capable of managing billions of objects in a single cluster. TrustedKeep handles all encryption and decryption at the boundaries, maintaining control at all times over key material, so that engineering mistakes do not result in key material (or sensitive data) being swapped to disk or left in memory.	TrustedKeep is a secure object storage and sharing platform designed from the ground up for object-level encryption. Each object stored is assigned one or more unique encryption keys that never leave the TrustedKeep boundary, preventing engineering mistakes resulting in leaks of key material or sensitive data.
web_data/embodiment	Multi-Chip Stand Alone	Multi-Chip Stand Alone
web_data/exceptions	Roles, Services, and Authentication: Level 2, Physical Security: N/A, Mitigation of Other Attacks: N/A	Physical Security: N/A, Mitigation of Other Attacks: N/A,
web_data/fw_versions	[]	[]
web_data/historical_reason	SP 800-56Arev3 transition
web_data/hw_versions	[]	[]
web_data/level	1	1
web_data/mentioned_certs
web_data/module_name	TrustedKeep Encryption Module	TrustedKeep Encryption Module
web_data/module_type	Software	Software
web_data/revoked_link	None	None
web_data/revoked_reason	None	None
web_data/standard	FIPS 140-2	FIPS 140-2
web_data/status	historical	active
web_data/sw_versions	1.8.3	v2.0.0
web_data/tested_conf	MacBook Pro running on Intel Core i7 on CentOS 7.3 (gcc Compiler Version 4.8.5) with PAA, MacBook Pro running on Intel Core i7 on CentOS 7.3 (gcc Compiler Version 4.8.5) without PAA. (single-user mode)	CentOS 7.7 running on HP ProLiant DL 360 Gen 10 server with Intel Xeon Silver 4110 CPU with PAA, CentOS 7.7 running on HP ProLiant DL 360 Gen 10 server with Intel Xeon Silver 4110 CPU without PAA (single-user mode)
web_data/validation_history	date: 11.12.2017 lab: ACUMEN SECURITY, LLC validation_type: Initial	date: 10.12.2020 lab: ACUMEN SECURITY, LLC validation_type: Initial
web_data/vendor	Trusted Concepts, Inc.	Trusted Concepts, Inc.
web_data/vendor_url	http://www.trustedconcepts.com	https://www.trustedconcepts.com/