FIPS 140-2 Non-Proprietary Security Policy

Ubuntu 18.04 Kernel Crypto API Cryptographic Module version 2.0


Version 2.5
Last update: 2021-09-15

© 2021 Canonical Ltd. / atsec information security. This document can be reproduced and distributed only whole and intact, including this copyright notice.


Prepared by: atsec information security corporation, 9130 Jollyville Road, Suite 260, Austin, TX 78759


Table of Contents

1. Cryptographic Module Specification
    1.1. Module Overview
    1.2. Modes of Operation
2. Cryptographic Module Ports and Interfaces
3. Roles, Services and Authentication
    3.1. Roles
    3.2. Services
    3.3. Algorithms
        3.3.1. Ubuntu 18.04 LTS 64-bit Running on Intel® Xeon® CPU E5-2620v3 Processor
        3.3.2. Ubuntu 18.04 LTS 64-bit Running on z System
        3.3.3. Non-Approved Algorithms
    3.4. Operator Authentication
4. Physical Security
5. Operational Environment
    5.1. Applicability
    5.2. Policy
6. Cryptographic Key Management
    6.1. Random Number Generation
    6.2. Key Generation
    6.3. Key Agreement / Key Transport / Key Derivation
    6.4. Key Entry / Output
    6.5. Key / CSP Storage
    6.6. Key / CSP Zeroization
7. Electromagnetic Interference/Electromagnetic Compatibility (EMI/EMC)
8. Self-Tests
    8.1. Power-Up Tests
        8.1.1. Integrity Tests
        8.1.2. Cryptographic Algorithm Tests
    8.2. On-Demand Self-Tests
    8.3. Conditional Tests
9. Guidance
    9.1. Crypto Officer Guidance
        9.1.1. Module Installation
        9.1.2. Operating Environment Configuration
    9.2. User Guidance
        9.2.1. AES-GCM IV
        9.2.2. AES-XTS
        9.2.3. Triple-DES encryption
        9.2.4. Handling FIPS Related Errors
10. Mitigation of Other Attacks


Copyrights and Trademarks

Ubuntu and Canonical are registered trademarks of Canonical Ltd. Linux is a registered trademark of Linus Torvalds.
