This page was not yet optimized for use on mobile devices.
Masimo Cryptographic Module
Certificate #4788
Webpage information ?
Security policy ?
Symmetric Algorithms
AES, AES-128, AES-192, AES-256, CAST, CAST5, RC4, RC5, RC2, DES, Triple-DES, 3DES, ChaCha20, Poly1305, IDEA, Blowfish, Camellia, ARIA, SM4, SEED, HMAC, CMACAsymmetric Algorithms
ECDH, ECDSA, EdDSA, ECC, DH, Diffie-Hellman, DSAHash functions
SHA-1, SHA-2, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHA-3, Blake2, MD4, MD5, RIPEMD, PBKDF2, PBKDFSchemes
MAC, Key agreement, Key AgreementProtocols
SSL, TLS, TLS v1.2, TLS v1.3, TLS 1.2, TLS 1.3Randomness
DRBG, RNG, RBGElliptic Curves
P-224, P-256, P-384, P-521, P-192, B-233, B-283, B-409, B-571, K-233, K-283, K-409, K-571, B-163, K-163Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM, CCM, XEX, XTSJavaCard API constants
SM2Trusted Execution Environments
PSPSecurity level
Level 1Standards
FIPS 140-3, FIPS PUB 186-4, FIPS PUB 198-1, FIPS PUB 197, FIPS PUB 202, FIPS PUB 180-4, NIST SP 800-38A, NIST SP 800-38B, NIST SP 800-38C, NIST SP 800-38E, NIST SP 800-38F, NIST SP 800-38D, NIST SP 800-132, PKCS#1, RFC19, RFC 8446, RFC7627, RFC 5288, RFC 5246, ISO/IEC 19790, ISO/IEC 24579, ISO/IEC 19790:2021File metadata
| Title | FIPS 140-3 Non-Proprietary Security Policy |
|---|---|
| Author | Corsec Security, Inc. |
| Creation date | D:20240625121321-04'00' |
| Modification date | D:20240625121321-04'00' |
| Pages | 41 |
| Creator | Microsoft® Word for Microsoft 365 |
| Producer | Microsoft® Word for Microsoft 365 |
Heuristics ?
No heuristics are available for this certificate.
References ?
No references are available for this certificate.
Updates ?
-
14.10.2024 The certificate data changed.
Certificate changed
The web extraction data was updated.
- The certificate_pdf_url property was set to
https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf.
- The certificate_pdf_url property was set to
-
09.09.2024 The certificate was first processed.
New certificate
A new FIPS 140 certificate with the product name was processed.
Raw data
{
"_type": "sec_certs.sample.fips.FIPSCertificate",
"cert_id": 4788,
"dgst": "e26f3716adbe1a42",
"heuristics": {
"_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
"algorithms": {
"_type": "Set",
"elements": [
"TLS v1.3 KDFA3595",
"AES-XTS Testing Revision 2.0A3595",
"HMAC-SHA3-224A3595",
"SHA-1A3595",
"DSA SigGen (FIPS186-4)A3595",
"SHA2-256A3595",
"SHA3-224A3595",
"DSA PQGGen (FIPS186-4)A3595",
"AES-OFBA3595",
"ECDSA SigVer (FIPS186-4)A3595",
"RSA SigVer (FIPS186-4)A3595",
"ECDSA KeyGen (FIPS186-4)A3595",
"Counter DRBGA3595",
"SHAKE-256A3595",
"ECDSA KeyVer (FIPS186-4)A3595",
"TDES-CFB8A3595",
"TLS v1.2 KDF RFC7627A3595",
"RSA SigGen (FIPS186-4)A3595",
"DSA KeyGen (FIPS186-4)A3595",
"SHA3-512A3595",
"AES-GMACA3595",
"SHA2-384A3595",
"AES-CTRA3595",
"AES-KWPA3595",
"SHA2-512A3595",
"SHA2-224A3595",
"AES-ECBA3595",
"TDES-CMACA3595",
"SHA3-384A3595",
"HMAC-SHA3-512A3595",
"AES-CMACA3595",
"RSA KeyGen (FIPS186-4)A3595",
"AES-CFB8A3595",
"TDES-CFB1A3595",
"DSA SigVer (FIPS186-4)A3595",
"PBKDFA3595",
"HMAC-SHA2-256A3595",
"TDES-CBCA3595",
"TDES-ECBA3595",
"AES-CCMA3595",
"HMAC-SHA-1A3595",
"TDES-CFB64A3595",
"TDES-OFBA3595",
"AES-CFB128A3595",
"AES-CBCA3595",
"HMAC-SHA2-224A3595",
"AES-CFB1A3595",
"DSA PQGVer (FIPS186-4)A3595",
"HMAC-SHA2-512A3595",
"SHAKE-128A3595",
"AES-GCMA3595",
"KAS-FFC-SSC Sp800-56Ar3A3595",
"ECDSA SigGen (FIPS186-4)A3595",
"HMAC-SHA3-256A3595",
"AES-KWA3595",
"SHA3-256A3595",
"HMAC-SHA2-384A3595",
"HMAC-SHA3-384A3595",
"KAS-ECC-SSC Sp800-56Ar3A3595"
]
},
"cpe_matches": null,
"direct_transitive_cves": null,
"extracted_versions": {
"_type": "Set",
"elements": [
"-"
]
},
"indirect_transitive_cves": null,
"module_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"module_prunned_references": {
"_type": "Set",
"elements": []
},
"policy_processed_references": {
"_type": "sec_certs.sample.certificate.References",
"directly_referenced_by": null,
"directly_referencing": null,
"indirectly_referenced_by": null,
"indirectly_referencing": null
},
"policy_prunned_references": {
"_type": "Set",
"elements": []
},
"related_cves": null,
"verified_cpe_matches": null
},
"pdf_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
"keywords": {
"asymmetric_crypto": {
"ECC": {
"ECC": {
"ECC": 3
},
"ECDH": {
"ECDH": 16
},
"ECDSA": {
"ECDSA": 31
},
"EdDSA": {
"EdDSA": 2
}
},
"FF": {
"DH": {
"DH": 17,
"Diffie-Hellman": 2
},
"DSA": {
"DSA": 34
}
}
},
"certification_process": {},
"cipher_mode": {
"CBC": {
"CBC": 8
},
"CCM": {
"CCM": 7
},
"CFB": {
"CFB": 3
},
"CTR": {
"CTR": 3
},
"ECB": {
"ECB": 9
},
"GCM": {
"GCM": 42
},
"OFB": {
"OFB": 4
},
"XEX": {
"XEX": 2
},
"XTS": {
"XTS": 13
}
},
"cplc_data": {},
"crypto_engine": {},
"crypto_library": {},
"crypto_protocol": {
"TLS": {
"SSL": {
"SSL": 3
},
"TLS": {
"TLS": 18,
"TLS 1.2": 22,
"TLS 1.3": 44,
"TLS v1.2": 3,
"TLS v1.3": 3
}
}
},
"crypto_scheme": {
"KA": {
"Key Agreement": 4,
"Key agreement": 6
},
"MAC": {
"MAC": 9
}
},
"device_model": {},
"ecc_curve": {
"NIST": {
"B-163": 2,
"B-233": 6,
"B-283": 6,
"B-409": 6,
"B-571": 6,
"K-163": 4,
"K-233": 8,
"K-283": 6,
"K-409": 6,
"K-571": 6,
"P-192": 8,
"P-224": 18,
"P-256": 12,
"P-384": 12,
"P-521": 12
}
},
"eval_facility": {},
"fips_cert_id": {},
"fips_certlike": {
"Certlike": {
"AES-128": 1,
"AES-192": 1,
"AES-256": 1,
"AES-GCM 128": 1,
"CVL18": 1,
"DRBG 45": 1,
"DRBG20": 1,
"DSA21": 1,
"HMAC 112": 2,
"HMAC 128": 2,
"PAA 2": 1,
"PKCS#1": 6,
"SHA- 1": 2,
"SHA-1": 11,
"SHA-1 KAT 47": 1,
"SHA-2": 1,
"SHA-3": 4,
"SHA2- 224": 2,
"SHA2- 256": 6,
"SHA2- 384": 1,
"SHA2-224": 13,
"SHA2-256": 22,
"SHA2-384": 16,
"SHA2-512": 17,
"SHA3-224": 3,
"SHA3-256": 4,
"SHA3-384": 3,
"SHA3-512": 3,
"SHS40": 1
}
},
"fips_security_level": {
"Level": {
"Level 1": 3
}
},
"hash_function": {
"BLAKE": {
"Blake2": 3
},
"MD": {
"MD4": {
"MD4": 2
},
"MD5": {
"MD5": 2
}
},
"PBKDF": {
"PBKDF": 5,
"PBKDF2": 6
},
"RIPEMD": {
"RIPEMD": 2
},
"SHA": {
"SHA1": {
"SHA-1": 12
},
"SHA2": {
"SHA-2": 1
},
"SHA3": {
"SHA-3": 4,
"SHA3-224": 3,
"SHA3-256": 4,
"SHA3-384": 3,
"SHA3-512": 3
}
}
},
"ic_data_group": {},
"javacard_api_const": {
"curves": {
"SM2": 2
}
},
"javacard_packages": {},
"javacard_version": {},
"os_name": {},
"pq_crypto": {},
"randomness": {
"PRNG": {
"DRBG": 44
},
"RNG": {
"RBG": 2,
"RNG": 4
}
},
"side_channel_analysis": {},
"standard_id": {
"FIPS": {
"FIPS 140-3": 24,
"FIPS PUB 180-4": 1,
"FIPS PUB 186-4": 4,
"FIPS PUB 197": 3,
"FIPS PUB 198-1": 2,
"FIPS PUB 202": 2
},
"ISO": {
"ISO/IEC 19790": 6,
"ISO/IEC 19790:2021": 3,
"ISO/IEC 24579": 2
},
"NIST": {
"NIST SP 800-132": 3,
"NIST SP 800-38A": 2,
"NIST SP 800-38B": 4,
"NIST SP 800-38C": 2,
"NIST SP 800-38D": 5,
"NIST SP 800-38E": 3,
"NIST SP 800-38F": 2
},
"PKCS": {
"PKCS#1": 3
},
"RFC": {
"RFC 5246": 1,
"RFC 5288": 1,
"RFC 8446": 2,
"RFC19": 1,
"RFC7627": 5
}
},
"symmetric_crypto": {
"AES_competition": {
"AES": {
"AES": 120,
"AES-128": 1,
"AES-192": 1,
"AES-256": 1
},
"CAST": {
"CAST": 4,
"CAST5": 3
},
"RC": {
"RC2": 2,
"RC4": 3,
"RC5": 3
}
},
"DES": {
"3DES": {
"3DES": 1,
"Triple-DES": 26
},
"DES": {
"DES": 5
}
},
"constructions": {
"MAC": {
"CMAC": 31,
"HMAC": 31
}
},
"djb": {
"ChaCha": {
"ChaCha20": 3
},
"Poly": {
"Poly1305": 2
}
},
"miscellaneous": {
"ARIA": {
"ARIA": 3
},
"Blowfish": {
"Blowfish": 3
},
"Camellia": {
"Camellia": 3
},
"IDEA": {
"IDEA": 3
},
"SEED": {
"SEED": 3
},
"SM4": {
"SM4": 4
}
}
},
"tee_name": {
"AMD": {
"PSP": 6
}
},
"tls_cipher_suite": {},
"vendor": {},
"vulnerability": {}
},
"policy_metadata": {
"/Author": "Corsec Security, Inc.",
"/CreationDate": "D:20240625121321-04\u002700\u0027",
"/Creator": "Microsoft\u00ae Word for Microsoft 365",
"/ModDate": "D:20240625121321-04\u002700\u0027",
"/Producer": "Microsoft\u00ae Word for Microsoft 365",
"/Title": "FIPS 140-3 Non-Proprietary Security Policy",
"pdf_file_size_bytes": 964844,
"pdf_hyperlinks": {
"_type": "Set",
"elements": [
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16111",
"https://csrc.nist.gov/projects/cryptographic-algorithm-validation-program/details?product=16112",
"http://www.corsec.com/",
"http://www.masimo.com/",
"https://csrc.nist.gov/Projects/cryptographic-module-validation-program/Validated-Modules/Search",
"mailto:[email protected]",
"http://csrc.nist.gov/groups/STM/cmvp"
]
},
"pdf_is_encrypted": false,
"pdf_number_of_pages": 41
}
},
"state": {
"_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
"module_download_ok": true,
"module_extract_ok": true,
"policy_convert_garbage": false,
"policy_convert_ok": true,
"policy_download_ok": true,
"policy_extract_ok": true,
"policy_pdf_hash": "58da8c4e1104d2706b20b0ec9ac55118b60f466df9f41a5b40715a9d2209e7e7",
"policy_txt_hash": "c70ac0c1f462eec39882b6be5e77e6c3febe7cb467d7824e4501ae8bdb6f4546"
},
"web_data": {
"_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
"caveat": "Interim validation. When operating in the approved mode. No assurance of the minimum strength of generated SSPs",
"certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/September 2024_011024_0217.pdf",
"date_sunset": "2026-09-03",
"description": "The Masimo Cryptographic Module provides FIPS-Approved symmetric encryption and decryption, digital signature functions, hashing, message authentication, key establishment, and random number generation to Masimo solutions in support of general data protection functionality and secure communications protocols, including TLS.",
"embodiment": "Multi-Chip Stand Alone",
"exceptions": [
"Physical security: N/A",
"Non-invasive security: N/A",
"Mitigation of other attacks: N/A",
"Documentation requirements: N/A",
"Cryptographic module security policy: N/A"
],
"fw_versions": null,
"historical_reason": null,
"hw_versions": null,
"level": 1,
"mentioned_certs": {},
"module_name": "Masimo Cryptographic Module",
"module_type": "Software",
"revoked_link": null,
"revoked_reason": null,
"standard": "FIPS 140-3",
"status": "active",
"sw_versions": "1.0",
"tested_conf": [
"Custom Linux OS with Linux kernel 2.6.38 running on Masimo Radical-7 with ARM Cortex-A8 (ARMv7-A) without PAA",
"Custom Linux OS with Linux kernel 4.9.43 running on Masimo Root with ARM Cortex-A8 (ARMv7-A) without PAA"
],
"validation_history": [
{
"_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
"date": "2024-09-04",
"lab": "Lightship Security, Inc.",
"validation_type": "Initial"
}
],
"vendor": "Masimo Corporation",
"vendor_url": "http://www.masimo.com "
}
}