CryptoManager Root of Trust RT-660

Certificate #4758

Webpage information ?

Status active
Validation dates 12.08.2024
Sunset date 11-08-2029
Standard FIPS 140-3
Security level 2
Type Hardware
Embodiment Single Chip
Caveat When operated in approved mode
Exceptions
  • Operational environment: N/A
  • Non-invasive security: N/A
  • Documentation requirements: N/A
  • Cryptographic module security policy: N/A
Description The CryptoManager Root of Trust (CMRT) RT-660 is an independent Silicon IP Security Module for integration into semiconductor devices, offering secure execution of authenticated user applications, tamper detection and protection, DPA resistance and secure storage and handling of keys and security assets.
Version (Hardware) 0x6000_0931
Version (Firmware) 2022-02-24-g801c166
Tested configurations
  • Xilinx Zynq XC7Z045 FPGA
Vendor Rambus Inc.
References

This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Security policy ?

Symmetric Algorithms
AES, AES-, AES-256, HMAC, HMAC-SHA-256, HMAC-SHA-224, HMAC-SHA-384, CMAC
Asymmetric Algorithms
RSA-CRT, ECDH, ECDSA, ECC, Diffie-Hellman, DSA
Hash functions
SHA-512, SHA-256, SHA-224, SHA-384, SHA2, SHA3-224, SHA3-256, SHA3-384, SHA3-512, SHA-3, SHA3
Schemes
MAC, Key Agreement, Key agreement
Randomness
TRNG, DRBG, RNG
Elliptic Curves
P-224, P-256, P-384, P-521, NIST P-256, NIST P-224
Block cipher modes
ECB, CBC, CTR, CFB, OFB, GCM

Trusted Execution Environments
SSC

Security level
Level 2, Level 1
Side-channel analysis
side-channel, DPA, Fault Injection

Standards
FIPS 140-3, FIPS PUB 140-3, FIPS 197, FIPS186-4, FIPS198-1, FIPS180-4, FIPS202, FIPS 186-4, FIPS140-3, FIPS197, NIST SP 800-140B, NIST SP 800-140F, PKCS#1, RFC3394, RFC5649, ISO/IEC 24759, ISO/IEC 19790:2012

File metadata

Title DRAFT_140-3_CMRT_SecurityPolicy_v1.1
Author Marylene Palard
Creation date D:20240730155904Z00'00'
Modification date D:20240730155904Z00'00'
Pages 37
Creator Word
Producer macOS Version 14.5 (Build 23F79) Quartz PDFContext

References

Incoming
  • 661 - historical - IBM eServer Cryptographic Coprocessor Security Module

Heuristics ?

No heuristics are available for this certificate.

References ?

Updates ?

  • 09.09.2024 The certificate data changed.
    Certificate changed

    The web extraction data was updated.

    • The certificate_pdf_url property was set to https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2024_010924_0336.pdf.
  • 19.08.2024 The certificate data changed.
    Certificate changed

    The PDF extraction data was updated.

    • The keywords property was set to {'fips_cert_id': {}, 'fips_security_level': {'Level': {'Level 2': 3, 'Level 1': 1}}, 'fips_certlike': {'Certlike': {'HMAC-SHA-256': 14, 'HMAC-SHA-224': 4, 'HMAC-SHA- 256': 4, 'HMAC-SHA-384': 4, 'HMAC- SHA-512': 2, 'HMAC-SHA-512/224': 2, 'HMAC-SHA-512/256': 2, 'HMAC- SHA-256': 1, 'HMAC-SHA256': 2, 'SHA2-224': 4, 'SHA2-256': 14, 'SHA2- 384': 2, 'SHA2-512': 5, 'SHA3-224': 4, 'SHA3-256': 6, 'SHA3-384': 3, 'SHA3- 512': 1, 'SHA-512': 5, 'SHA3- 384': 2, 'SHA3-512': 3, 'SHA-256': 12, 'SHA-224': 4, 'SHA-384': 4, 'SHA-512 2048': 1, 'SHA-3': 2, 'SHA3- 512 2048': 1, 'SHA3': 4, 'SHA2-384': 2, 'SHA2': 3, 'PKCS#1': 14, 'AES 256': 1, 'AES key 128': 1, 'AES-256': 1}}, 'vendor': {}, 'eval_facility': {'atsec': {'atsec': 39}, 'KTC': {'KTC': 8}}, 'symmetric_crypto': {'AES_competition': {'AES': {'AES': 42, 'AES-': 12, 'AES-256': 1}}, 'constructions': {'MAC': {'HMAC': 32, 'HMAC-SHA-256': 7, 'HMAC-SHA-224': 2, 'HMAC-SHA-384': 2, 'CMAC': 3}}}, 'asymmetric_crypto': {'RSA': {'RSA-CRT': 3}, 'ECC': {'ECDH': {'ECDH': 2}, 'ECDSA': {'ECDSA': 43}, 'ECC': {'ECC': 1}}, 'FF': {'DH': {'Diffie-Hellman': 44}, 'DSA': {'DSA': 2}}}, 'pq_crypto': {}, 'hash_function': {'SHA': {'SHA2': {'SHA-512': 6, 'SHA-256': 12, 'SHA-224': 4, 'SHA-384': 4, 'SHA2': 3}, 'SHA3': {'SHA3-224': 5, 'SHA3-256': 6, 'SHA3-384': 3, 'SHA3-512': 3, 'SHA-3': 2, 'SHA3': 4}}}, 'crypto_scheme': {'MAC': {'MAC': 20}, 'KA': {'Key Agreement': 9, 'Key agreement': 1}}, 'crypto_protocol': {}, 'randomness': {'TRNG': {'TRNG': 17}, 'PRNG': {'DRBG': 20}, 'RNG': {'RNG': 1}}, 'cipher_mode': {'ECB': {'ECB': 2}, 'CBC': {'CBC': 2}, 'CTR': {'CTR': 8}, 'CFB': {'CFB': 1}, 'OFB': {'OFB': 1}, 'GCM': {'GCM': 3}}, 'ecc_curve': {'NIST': {'P-224': 31, 'P-256': 39, 'P-384': 26, 'P-521': 26, 'NIST P-256': 1, 'NIST P-224': 3}}, 'crypto_engine': {}, 'tls_cipher_suite': {}, 'crypto_library': {}, 'vulnerability': {}, 'side_channel_analysis': {'SCA': {'side-channel': 1, 'DPA': 1}, 'FI': {'Fault Injection': 1}}, 'device_model': {}, 'tee_name': {'IBM': {'SSC': 9}}, 'os_name': {}, 'cplc_data': {}, 'ic_data_group': {}, 'standard_id': {'FIPS': {'FIPS 140-3': 42, 'FIPS PUB 140-3': 2, 'FIPS 197': 2, 'FIPS186-4': 10, 'FIPS198-1': 5, 'FIPS180-4': 3, 'FIPS202': 2, 'FIPS 186-4': 4, 'FIPS140-3': 2, 'FIPS197': 1}, 'NIST': {'NIST SP 800-140B': 2, 'NIST SP 800-140F': 1}, 'PKCS': {'PKCS#1': 7}, 'RFC': {'RFC3394': 2, 'RFC5649': 2}, 'ISO': {'ISO/IEC 24759': 2, 'ISO/IEC 19790:2012': 1}}, 'javacard_version': {}, 'javacard_api_const': {}, 'javacard_packages': {}, 'certification_process': {}}.
    • The policy_metadata property was set to {'pdf_file_size_bytes': 908629, 'pdf_is_encrypted': False, 'pdf_number_of_pages': 37, '/Title': 'DRAFT_140-3_CMRT_SecurityPolicy_v1.1', '/Producer': 'macOS Version 14.5 (Build 23F79) Quartz PDFContext', '/Author': 'Marylene Palard', '/Creator': 'Word', '/CreationDate': "D:20240730155904Z00'00'", '/ModDate': "D:20240730155904Z00'00'", 'pdf_hyperlinks': {'_type': 'Set', 'elements': []}}.

    The state was updated.

    • The policy_download_ok property was set to True.
    • The policy_convert_ok property was set to True.
    • The policy_pdf_hash property was set to 17fbcef46b79ee1188bf371777701155c03f1f433c1955897486dd38ab2f44f5.
    • The policy_txt_hash property was set to ce29758ade81c36a8a098dea47b0496c718c0df1dd532e8190e2bd220ac6b76d.
  • 12.08.2024 The certificate was first processed.
    New certificate

    A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4758,
  "dgst": "13908fe4d3eb986b",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "AES-CTRA2114",
        "SHA3-512A2115",
        "RSA KeyGen (FIPS186-4)A2114",
        "AES-CFB128A2114",
        "SHA2-224A2114",
        "Counter DRBGA2114",
        "SHA3-256A2115",
        "KDA OneStep SP800-56Cr2A2114",
        "ECDSA SigVer (FIPS186-4)A2115",
        "KDA TwoStep SP800-56Cr2A2114",
        "SHA2-512A2114",
        "AES-ECBA2114",
        "KAS-ECC Sp800-56Ar3A2114",
        "HMAC-SHA3-224A2115",
        "SHA3-384A2115",
        "AES-CBCA2114",
        "KDF SP800-108A2114",
        "HMAC-SHA2-384A2115",
        "RSA SigGen (FIPS186-4)A2115",
        "AES-GCMA2114",
        "HMAC-SHA2-256A2115",
        "HMAC-SHA2-224A2115",
        "AES-CMACA2114",
        "HMAC-SHA2-512/224A2114",
        "SHA2-384A2114",
        "HMAC-SHA3-512A2115",
        "HMAC-SHA3-384A2115",
        "SHA2-256A2114",
        "AES-KWPA2114",
        "SHA2-512/256A2114",
        "ECDSA KeyGen (FIPS186-4)A2114",
        "KAS-ECC-SSC Sp800-56Ar3A2114",
        "ECDSA SigGen (FIPS186-4)A2115",
        "HMAC-SHA2-512A2115",
        "HMAC-SHA2-512/256A2114",
        "HMAC-SHA3-256A2115",
        "SHA2-512/224A2114",
        "SHA3-224A2115",
        "AES-GMACA2114",
        "RSA SigVer (FIPS186-4)A2115",
        "ECDSA KeyVer (FIPS186-4)A2114"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "660",
        "2022",
        "02",
        "24"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": {
        "_type": "Set",
        "elements": [
          "661"
        ]
      },
      "directly_referencing": null,
      "indirectly_referenced_by": {
        "_type": "Set",
        "elements": [
          "661",
          "909"
        ]
      },
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 1
          },
          "ECDH": {
            "ECDH": 2
          },
          "ECDSA": {
            "ECDSA": 43
          }
        },
        "FF": {
          "DH": {
            "Diffie-Hellman": 44
          },
          "DSA": {
            "DSA": 2
          }
        },
        "RSA": {
          "RSA-CRT": 3
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 2
        },
        "CFB": {
          "CFB": 1
        },
        "CTR": {
          "CTR": 8
        },
        "ECB": {
          "ECB": 2
        },
        "GCM": {
          "GCM": 3
        },
        "OFB": {
          "OFB": 1
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {},
      "crypto_protocol": {},
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 9,
          "Key agreement": 1
        },
        "MAC": {
          "MAC": 20
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "NIST P-224": 3,
          "NIST P-256": 1,
          "P-224": 31,
          "P-256": 39,
          "P-384": 26,
          "P-521": 26
        }
      },
      "eval_facility": {
        "KTC": {
          "KTC": 8
        },
        "atsec": {
          "atsec": 39
        }
      },
      "fips_cert_id": {},
      "fips_certlike": {
        "Certlike": {
          "AES 256": 1,
          "AES key 128": 1,
          "AES-256": 1,
          "HMAC- SHA-256": 1,
          "HMAC- SHA-512": 2,
          "HMAC-SHA- 256": 4,
          "HMAC-SHA-224": 4,
          "HMAC-SHA-256": 14,
          "HMAC-SHA-384": 4,
          "HMAC-SHA-512/224": 2,
          "HMAC-SHA-512/256": 2,
          "HMAC-SHA256": 2,
          "PKCS#1": 14,
          "SHA-224": 4,
          "SHA-256": 12,
          "SHA-3": 2,
          "SHA-384": 4,
          "SHA-512": 5,
          "SHA-512 2048": 1,
          "SHA2": 3,
          "SHA2- 384": 2,
          "SHA2-224": 4,
          "SHA2-256": 14,
          "SHA2-384": 2,
          "SHA2-512": 5,
          "SHA3": 4,
          "SHA3- 384": 2,
          "SHA3- 512": 1,
          "SHA3- 512 2048": 1,
          "SHA3-224": 4,
          "SHA3-256": 6,
          "SHA3-384": 3,
          "SHA3-512": 3
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 1,
          "Level 2": 3
        }
      },
      "hash_function": {
        "SHA": {
          "SHA2": {
            "SHA-224": 4,
            "SHA-256": 12,
            "SHA-384": 4,
            "SHA-512": 6,
            "SHA2": 3
          },
          "SHA3": {
            "SHA-3": 2,
            "SHA3": 4,
            "SHA3-224": 5,
            "SHA3-256": 6,
            "SHA3-384": 3,
            "SHA3-512": 3
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 20
        },
        "RNG": {
          "RNG": 1
        },
        "TRNG": {
          "TRNG": 17
        }
      },
      "side_channel_analysis": {
        "FI": {
          "Fault Injection": 1
        },
        "SCA": {
          "DPA": 1,
          "side-channel": 1
        }
      },
      "standard_id": {
        "FIPS": {
          "FIPS 140-3": 42,
          "FIPS 186-4": 4,
          "FIPS 197": 2,
          "FIPS PUB 140-3": 2,
          "FIPS140-3": 2,
          "FIPS180-4": 3,
          "FIPS186-4": 10,
          "FIPS197": 1,
          "FIPS198-1": 5,
          "FIPS202": 2
        },
        "ISO": {
          "ISO/IEC 19790:2012": 1,
          "ISO/IEC 24759": 2
        },
        "NIST": {
          "NIST SP 800-140B": 2,
          "NIST SP 800-140F": 1
        },
        "PKCS": {
          "PKCS#1": 7
        },
        "RFC": {
          "RFC3394": 2,
          "RFC5649": 2
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 42,
            "AES-": 12,
            "AES-256": 1
          }
        },
        "constructions": {
          "MAC": {
            "CMAC": 3,
            "HMAC": 32,
            "HMAC-SHA-224": 2,
            "HMAC-SHA-256": 7,
            "HMAC-SHA-384": 2
          }
        }
      },
      "tee_name": {
        "IBM": {
          "SSC": 9
        }
      },
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "Marylene Palard",
      "/CreationDate": "D:20240730155904Z00\u002700\u0027",
      "/Creator": "Word",
      "/ModDate": "D:20240730155904Z00\u002700\u0027",
      "/Producer": "macOS Version 14.5 (Build 23F79) Quartz PDFContext",
      "/Title": "DRAFT_140-3_CMRT_SecurityPolicy_v1.1",
      "pdf_file_size_bytes": 908629,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": []
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 37
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "17fbcef46b79ee1188bf371777701155c03f1f433c1955897486dd38ab2f44f5",
    "policy_txt_hash": "ce29758ade81c36a8a098dea47b0496c718c0df1dd532e8190e2bd220ac6b76d"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "When operated in approved mode",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/August 2024_010924_0336.pdf",
    "date_sunset": "2029-08-11",
    "description": "The CryptoManager Root of Trust (CMRT) RT-660 is an independent Silicon IP Security Module for integration into semiconductor devices, offering secure execution of authenticated user applications, tamper detection and protection, DPA resistance and secure storage and handling of keys and security assets.",
    "embodiment": "Single Chip",
    "exceptions": [
      "Operational environment: N/A",
      "Non-invasive security: N/A",
      "Documentation requirements: N/A",
      "Cryptographic module security policy: N/A"
    ],
    "fw_versions": "2022-02-24-g801c166",
    "historical_reason": null,
    "hw_versions": "0x6000_0931",
    "level": 2,
    "mentioned_certs": {},
    "module_name": "CryptoManager Root of Trust RT-660",
    "module_type": "Hardware",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-3",
    "status": "active",
    "sw_versions": null,
    "tested_conf": [
      "Xilinx Zynq XC7Z045 FPGA"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2024-08-12",
        "lab": "ATSEC INFORMATION SECURITY CORP",
        "validation_type": "Initial"
      }
    ],
    "vendor": "Rambus Inc.",
    "vendor_url": "http://www.rambus.com"
  }
}