This page was not yet optimized for use on mobile devices.

IBM Cloud Object Storage System’s™ FIPS Cryptographic Module

Certificate #4404

Webpage information ?

Status	active
Validation dates	04.01.2023
Sunset date	21-09-2026
Standard	FIPS 140-2
Security level	1
Type	Software
Embodiment	Multi-Chip Stand Alone
Caveat	None
Exceptions	Physical Security: N/A Design Assurance: Level 3 Mitigation of Other Attacks: N/A
Description	Cryptographic module used for IBM’s Cloud Object Storage system components
Tested configurations	ClevOS 3.16 FIPS running on IBM A10 Series with Intel Xeon 6230N with PAA ClevOS 3.16 FIPS running on IBM A10 Series with Intel Xeon 6230N without PAA ClevOS 3.16 FIPS running on PIO-628U-TR4T+-ST031 with Intel Xeon E5-2620 with PAA ClevOS 3.16 FIPS running on PIO-628U-TR4T+-ST031 with Intel Xeon E5-2620 without PAA (single-user mode) ClevOS 3.16 FIPS running on PIO-648R-E1CR36L+-ST031 with Intel Xeon E5-2620 with PAA ClevOS 3.16 FIPS running on PIO-648R-E1CR36L+-ST031 with Intel Xeon E5-2620 without PAA
Vendor	IBM Corporation
References	This certificate's webpage directly references 0 certificates, transitively this expands into 0 certificates.

Certificate

Webpage

Document information ?

Security policy

Security target PDF TXT

Symmetric Algorithms

AES, AES-256, AES-, TDEA, HMAC, HMAC-SHA-256, CMAC, CBC-MAC

Asymmetric Algorithms

ECDSA, ECC, Diffie-Hellman, DH, DSA

Hash functions

SHA-1, SHA-256, SHA-512, SHA-2, SHA3-256, SHA3-384, SHA3-512, SHA-3, SHA3, PBKDF

Schemes

Key Agreement

Protocols

SSH, TLS, TLSv1.2

Randomness

DRBG, RNG

Libraries

OpenSSL

Elliptic Curves

P-224, P-256, P-384, P-521

Block cipher modes

ECB, CBC, CTR, GCM, CCM

Security level

Level 1, level 1

Standards

FIPS 140-2, FIPS 180-4, FIPS 186-4, FIPS 197, FIPS 198-1, FIPS 198, FIPS 186-2, FIPS 202, SP 800-38B, SP 800-38C, SP 800-38D, SP 800-56A, SP 800-89, SP 800-90B, SP 800-131A, SP 180-135, SP 800-132, SP 800-107, SP 800-135, SP 800-52, NIST SP 800-38D, PKCS 1, RFC 5288

File metadata

Title:	Storage Pool Expansion Guide
Author:	IBM
Creation date:	D:20221219190454-05'00'
Modification date:	D:20221219190454-05'00'
Pages:	24
Creator:	Microsoft® Word 2016
Producer:	Microsoft® Word 2016

References

Heuristics ?

No heuristics are available for this certificate.

References ?

No references are available for this certificate.

Updates ?

09.02.2023 The certificate was first processed.

New certificate

A new FIPS 140 certificate with the product name was processed.

Raw data

{
  "_type": "sec_certs.sample.fips.FIPSCertificate",
  "cert_id": 4404,
  "dgst": "3b96c7da8a601e35",
  "heuristics": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.Heuristics",
    "algorithms": {
      "_type": "Set",
      "elements": [
        "SHA-3#A2467",
        "ECDSA#A2467",
        "HMAC#A2467",
        "KAS-SSC#A2467",
        "DRBG#A2466",
        "CVL#A2467",
        "SHS#A2466",
        "SHS#A2467",
        "PBKDF#A2467",
        "DRBG#A2467",
        "DSA#A2467",
        "AES#A2467",
        "RSA#A2467"
      ]
    },
    "cpe_matches": null,
    "direct_transitive_cves": null,
    "extracted_versions": {
      "_type": "Set",
      "elements": [
        "-"
      ]
    },
    "indirect_transitive_cves": null,
    "module_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "module_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "policy_processed_references": {
      "_type": "sec_certs.sample.certificate.References",
      "directly_referenced_by": null,
      "directly_referencing": null,
      "indirectly_referenced_by": null,
      "indirectly_referencing": null
    },
    "policy_prunned_references": {
      "_type": "Set",
      "elements": []
    },
    "related_cves": null,
    "verified_cpe_matches": null
  },
  "pdf_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.PdfData",
    "keywords": {
      "asymmetric_crypto": {
        "ECC": {
          "ECC": {
            "ECC": 1
          },
          "ECDSA": {
            "ECDSA": 10
          }
        },
        "FF": {
          "DH": {
            "DH": 3,
            "Diffie-Hellman": 4
          },
          "DSA": {
            "DSA": 11
          }
        }
      },
      "certification_process": {},
      "cipher_mode": {
        "CBC": {
          "CBC": 3
        },
        "CCM": {
          "CCM": 5
        },
        "CTR": {
          "CTR": 2
        },
        "ECB": {
          "ECB": 1
        },
        "GCM": {
          "GCM": 12
        }
      },
      "cplc_data": {},
      "crypto_engine": {},
      "crypto_library": {
        "OpenSSL": {
          "OpenSSL": 1
        }
      },
      "crypto_protocol": {
        "SSH": {
          "SSH": 6
        },
        "TLS": {
          "TLS": {
            "TLS": 9,
            "TLSv1.2": 1
          }
        }
      },
      "crypto_scheme": {
        "KA": {
          "Key Agreement": 3
        }
      },
      "device_model": {},
      "ecc_curve": {
        "NIST": {
          "P-224": 16,
          "P-256": 16,
          "P-384": 12,
          "P-521": 14
        }
      },
      "eval_facility": {},
      "fips_cert_id": {
        "Cert": {
          "#1": 1,
          "#2466": 2
        }
      },
      "fips_certlike": {
        "Certlike": {
          "AES (256": 3,
          "AES 256": 1,
          "AES-256": 1,
          "HMAC-SHA- 256": 2,
          "HMAC-SHA-256": 6,
          "PKCS 1": 2,
          "SHA- 1": 1,
          "SHA-1": 7,
          "SHA-2": 2,
          "SHA-2 (256": 2,
          "SHA-256": 2,
          "SHA-3": 1,
          "SHA-512": 1,
          "SHA2- 384": 1,
          "SHA2-256": 5,
          "SHA2-384": 4,
          "SHA2-512": 9,
          "SHA3-(256": 1,
          "SHA3-256": 3,
          "SHA3-384": 3,
          "SHA3-512": 3,
          "SHS Cert. #2466": 2
        }
      },
      "fips_security_level": {
        "Level": {
          "Level 1": 2,
          "level 1": 2
        }
      },
      "hash_function": {
        "PBKDF": {
          "PBKDF": 5
        },
        "SHA": {
          "SHA1": {
            "SHA-1": 7
          },
          "SHA2": {
            "SHA-2": 4,
            "SHA-256": 2,
            "SHA-512": 1
          },
          "SHA3": {
            "SHA-3": 1,
            "SHA3": 1,
            "SHA3-256": 3,
            "SHA3-384": 3,
            "SHA3-512": 3
          }
        }
      },
      "ic_data_group": {},
      "javacard_api_const": {},
      "javacard_packages": {},
      "javacard_version": {},
      "os_name": {},
      "pq_crypto": {},
      "randomness": {
        "PRNG": {
          "DRBG": 16
        },
        "RNG": {
          "RNG": 1
        }
      },
      "side_channel_analysis": {},
      "standard_id": {
        "FIPS": {
          "FIPS 140-2": 35,
          "FIPS 180-4": 3,
          "FIPS 186-2": 1,
          "FIPS 186-4": 6,
          "FIPS 197": 2,
          "FIPS 198": 1,
          "FIPS 198-1": 2,
          "FIPS 202": 1
        },
        "NIST": {
          "NIST SP 800-38D": 2,
          "SP 180-135": 1,
          "SP 800-107": 1,
          "SP 800-131A": 1,
          "SP 800-132": 1,
          "SP 800-135": 2,
          "SP 800-38B": 2,
          "SP 800-38C": 2,
          "SP 800-38D": 2,
          "SP 800-52": 1,
          "SP 800-56A": 1,
          "SP 800-89": 1,
          "SP 800-90B": 2
        },
        "PKCS": {
          "PKCS 1": 1
        },
        "RFC": {
          "RFC 5288": 1
        }
      },
      "symmetric_crypto": {
        "AES_competition": {
          "AES": {
            "AES": 16,
            "AES-": 1,
            "AES-256": 1
          }
        },
        "DES": {
          "3DES": {
            "TDEA": 1
          }
        },
        "constructions": {
          "MAC": {
            "CBC-MAC": 2,
            "CMAC": 8,
            "HMAC": 9,
            "HMAC-SHA-256": 3
          }
        }
      },
      "tee_name": {},
      "tls_cipher_suite": {},
      "vendor": {},
      "vulnerability": {}
    },
    "policy_metadata": {
      "/Author": "IBM",
      "/CreationDate": "D:20221219190454-05\u002700\u0027",
      "/Creator": "Microsoft\u00ae Word 2016",
      "/ModDate": "D:20221219190454-05\u002700\u0027",
      "/Producer": "Microsoft\u00ae Word 2016",
      "/Title": "Storage Pool Expansion Guide",
      "pdf_file_size_bytes": 1034648,
      "pdf_hyperlinks": {
        "_type": "Set",
        "elements": [
          "http://csrc.nist.gov/publications/nistpubs/800-67-Rev1/SP-800-67-Rev1.pdf",
          "mailto:Jason.P.Cox@ibm.com",
          "http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.186-4.pdf",
          "http://nvlpubs.nist.gov/nistpubs/SpecialPublications/NIST.SP.800-90Arev1.pdf",
          "http://csrc.nist.gov/publications/nistpubs/800-38C/SP800-38C_updated-July20_2007.pdf",
          "http://nvlpubs.nist.gov/nistpubs/FIPS/NIST.FIPS.180-4.pdf",
          "http://csrc.nist.gov/publications/nistpubs/800-89/SP-800-89_November2006.pdf",
          "http://csrc.nist.gov/publications/fips/fips197/fips-197.pdf",
          "http://csrc.nist.gov/groups/STM/cavp/documents/rng/931rngext.pdf",
          "http://csrc.nist.gov/publications/fips/fips140-2/fips1402.pdf",
          "https://csrc.nist.gov/publications/detail/sp/800-90b/final",
          "http://csrc.nist.gov/publications/nistpubs/800-131A/sp800-131A.pdf",
          "https://csrc.nist.gov/projects/cryptographic-module-validation-program",
          "mailto:dhendrickson@us.ibm.com",
          "http://csrc.nist.gov/publications/nistpubs/800-38D/SP-800-38D.pdf",
          "http://www.iups.org/media/meeting_minutes/C.pdf",
          "http://csrc.nist.gov/publications/nistpubs/800-56A/SP800-56A_Revision1_Mar08-2007.pdf",
          "http://csrc.nist.gov/publications/fips/fips198-1/FIPS-198-1_final.pdf"
        ]
      },
      "pdf_is_encrypted": false,
      "pdf_number_of_pages": 24
    }
  },
  "state": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.InternalState",
    "module_download_ok": true,
    "module_extract_ok": true,
    "policy_convert_garbage": false,
    "policy_convert_ok": true,
    "policy_download_ok": true,
    "policy_extract_ok": true,
    "policy_pdf_hash": "af68934367aef0682f9ddde4132b6648341af40cbf325794e1973f2076e49e1f",
    "policy_txt_hash": "fe7e52e09030956b887328aaf2baf9973d5a661085c001ee1bb29a49e5d2f684"
  },
  "web_data": {
    "_type": "sec_certs.sample.fips.FIPSCertificate.WebData",
    "caveat": "None",
    "certificate_pdf_url": "https://csrc.nist.gov/CSRC/media/projects/cryptographic-module-validation-program/documents/certificates/January 2023_010223_0657_signed.pdf",
    "date_sunset": "2026-09-21",
    "description": "Cryptographic module used for IBM\u2019s Cloud Object Storage system components",
    "embodiment": "Multi-Chip Stand Alone",
    "exceptions": [
      "Physical Security: N/A",
      "Design Assurance: Level 3",
      "Mitigation of Other Attacks: N/A"
    ],
    "fw_versions": null,
    "historical_reason": null,
    "hw_versions": null,
    "level": 1,
    "mentioned_certs": {},
    "module_name": "IBM Cloud Object Storage System\u2019s\u2122 FIPS Cryptographic Module",
    "module_type": "Software",
    "revoked_link": null,
    "revoked_reason": null,
    "standard": "FIPS 140-2",
    "status": "active",
    "sw_versions": "2.0",
    "tested_conf": [
      "ClevOS 3.16 FIPS running on IBM A10 Series with Intel Xeon 6230N with PAA",
      "ClevOS 3.16 FIPS running on IBM A10 Series with Intel Xeon 6230N without PAA",
      "ClevOS 3.16 FIPS running on PIO-628U-TR4T+-ST031 with Intel Xeon E5-2620 with PAA",
      "ClevOS 3.16 FIPS running on PIO-628U-TR4T+-ST031 with Intel Xeon E5-2620 without PAA (single-user mode)",
      "ClevOS 3.16 FIPS running on PIO-648R-E1CR36L+-ST031 with Intel Xeon E5-2620 with PAA",
      "ClevOS 3.16 FIPS running on PIO-648R-E1CR36L+-ST031 with Intel Xeon E5-2620 without PAA"
    ],
    "validation_history": [
      {
        "_type": "sec_certs.sample.fips.FIPSCertificate.ValidationHistoryEntry",
        "date": "2023-01-04",
        "lab": "GOSSAMER SECURITY SOLUTIONS INC",
        "validation_type": "Initial"
      }
    ],
    "vendor": "IBM Corporation",
    "vendor_url": "http://www.ibm.com"
  }
}