Last Updated: 7/26/2017
It is important to note that the items on this list are cryptographic modules. A module may either be an embedded component of a product or application, or a complete product in-and-of-itself. If the cryptographic module is a component of a larger product or application, one should contact the product or application vendor in order to determine how the product utilizes the embedded validated cryptographic module. There may be a larger number of security products or applications available which use an embedded validated cryptographic module, than the number of modules which are found in this list. In addition, other vendors, who are not found in this list, may incorporate a validated cryptographic module from this list embedded into their own products.
When selecting a module from a vendor, verify that the module is either the product or application itself (e.g. VPN, SmartCard, USB memory token, etc.) or the module is embedded in a larger product or application (e.g. toolkit, etc.). If the module is embedded in a product or application, ask the product or application vendor to provide a signed letter or statement affirming that the unmodified validated cryptographic module is integrated in the solution; the module provides all the cryptographic services in the solution; and provide reference to the modules validation certificate number from this listing.
NOTE1: Module descriptions are provided by the module vendors and have not been verified for accuracy by the CMVP. The descriptions do not imply endorsement by the U.S. or Canadian Governments or NIST. Additionally, the descriptions may not necessarily reflect the capabilities of the modules when operated in the FIPS-Approved mode. The algorithms, protocols, and cryptographic functions listed as "Other" or "Allowed" have not been tested through the CMVP and are not FIPS-Approved.
NOTE2: The operator of a cryptographic module is responsible for ensuring that the algorithms and key lengths are in compliance with the requirements of NIST SP 800-131A.
NOTE3: All questions regarding the implementation and/or use of any module located on the CMVP module validation lists should first be directed to the appropriate vendor point-of-contact (listed for each entry).
Please contact the CMVP if any errors are discovered or comments with suggestions for improvement of the validation listings.
Cert# | Vendor / CST Lab | Cryptographic Module | Module Type | Validation Date | Sunset Date | Level / Description |
---|---|---|---|---|---|---|
1867 | Pitney Bowes, Inc. 37 Executive Drive Danbury, CT 06810 USA David Riley TEL: 203-796-3208 FAX: 203-796-3129 CST Lab: NVLAP 100432-0 | Cygnus X3 Hardware Security Module (XHSM) (Hardware Version: P/N 1R84000 Version A; Firmware Versions: 01.00.06 and 01.03.0074 (Device Abstraction Layer)) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 12/19/2012 | 12/18/2017 | Overall Level: 3 -Physical Security: Level 3 +EFP -FIPS Approved algorithms: AES (Cert. #1979); DRBG (Cert. #181); DSA (Cert. #632); ECDSA (Cert. #286); HMAC (Cert. #1192); KAS (Cert. #33); CVL (Cert. #20); RSA (Cert. #1063); SHS (Cert. #1733); Triple-DES (Cert. #1319); Triple-DES MAC (Triple-DES Cert. #1319, vendor affirmed) -Other algorithms: AES (Cert. #1979, key wrapping; key establishment methodology provides 128 or 256 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength) Single-chip "The Pitney Bowes Cygnus X3 Postal Security Device (PSD) has been designed in compliance with FIPS 140-2 in order to support international digital indicia standards globally. The Cygnus X3 HSM Cryptographic Module employs strong encryption, decryption, and digital signature techniques for the protection of customer funds in Pitney Bowes Postage Metering products." |
1863 | Kaseya US Sales, LLC 901 N. Glebe Road Suite 1010 Arlington, VA 22203 USA Bill Durant TEL: 415-694-5700 CST Lab: NVLAP 200996-0 | Virtual System Administrator Cryptographic Module (Software Version: 1.0) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 12/13/2012 | 12/12/2017 | Overall Level: 1 -Tested Configuration(s): Tested as meeting Level 1 with MAC OS X v10.6.8 Windows 7 (32-bit) Windows 7 (64-bit) Windows Server 2008 Red Hat Enterprise Linux 5.5 (32-bit) Red Hat Enterprise Linux 5.5(64-bit) (single-user mode) -FIPS Approved algorithms: AES (Certs. #1988 and #1989); HMAC (Cert. #1202); SHS (Cert. #1744); DRBG (Cert. #185) -Other algorithms: AES (Cert. #1989, key wrapping); AES-CBC (non-compliant) Multi-chip standalone "The Kaseya Virtual System Administrator provides an IT automation framework allowing IT managers to proactively monitor, manage, maintain, and protect distributed IT resources using a single, integrated web-based interface. The services offered by Kaseya Virtual System Administrator are ever-broadening; as IT management services needs increase, so do the tools and services provided by the framework." |
1859 | Red Hat®, Inc. 314 Littleton Road Raleigh, NC 27606 USA Ann-Marie Rubin TEL: 978-392-1000 FAX: 978-392-1001 CST Lab: NVLAP 200658-0 | Red Hat Enterprise Linux 6.2 Openswan Cryptographic Module (Software Version: 2.0) (When operated in FIPS mode and when obtained, installed, and initialized as assumed by the Crypto Officer role and specified in Section 9 of the provided Security Policy. This module contains the embedded Red Hat Enterprise Linux 6.2 OpenSSL Cryptographic Module validated to FIPS 140-2 under Cert. #1758 operating in FIPS mode and the Network Security Services (NSS) Cryptographic Module validated to FIPS 140-2 under Cert. #1837 operating in FIPS mode. Section 1 of the provided Security Policy specifies the precise RPM files containing this module. The integrity of the RPMs are verified during the installation and the Crypto officer shall not install the RPM files if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module. The module generates cryptographic keys whose strengths are modified by available entropy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 12/03/2012 | 12/2/2017 | Overall Level: 1 -Tested Configuration(s): Tested as meeting Level 1 with Red Hat Enterprise Linux 6.2 (single-user mode) -FIPS Approved algorithms: Triple-DES (Certs. #1289 and #1290); AES (Certs. #1985 and 1986); SHS (Certs. #1741 and #1742); RSA (Cert. #979, vendor affirmed); DRBG (Certs. #183 and #184); DSA (Certs. #634 and #635); HMAC (Certs. #1129, #1130, #1134, #1135, #1199 and #1200) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 bits and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RC2; RC4; DES; Seed; CAMELLIA; MD2; MD5 Multi-chip standalone "The Red Hat Enterprise Linux 6.2 OpenSwan Cryptographic Module is a software only cryptographic module that provides the IKE protocol version 1 and version 2 key agreement services required for IPSec." |
1858 | Vidyo, Inc. 433 Hackensack Ave, 6th Floor Hackensack, NJ 07601 USA CST Lab: NVLAP 200556-0 | Cryptographic Security Kernel (Software Version: 1.0) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 11/29/2012 | 11/28/2017 | Overall Level: 1 -Tested Configuration(s): Tested as meeting Level 1 with Linux Ubuntu 10.04 32-bit or Linux Ubuntu 10.04 64-bit running on Intel Xeon E50xx without PAA Mac OS X 10.6.8 32-bit running on Intel Core Duo without PAA Mac OS X 10.6.8 64-bit running on Intel Core 2 Duo without PAA Mac OS X 10.7.3 32-bit or Mac OS 10.7.3 64-bit running on Intel Core 2 Duo without PAA Windows 7 32-bit running on Intel Core Duo without PAA Windows 7 64-bit running on Intel Core 2 Duo without PAA Windows XP 32-bit running on Intel Core Duo without PAA Linux Ubuntu 10.04 32-bit or Linux Ubuntu 10.04 64-bit running on Intel Xeon E3 with PAA Mac OS X 10.6.8 32-bit or Mac OS X 10.6.8 64-bit running on Intel Core i5 with PAA Mac OS X 10.7.3 32-bit or Mac OS X 10.7.3 64-bit running on Intel Core i5 with PAA Windows 7 32-bit or Windows 7 64-bit running on Intel Core i5 with PAA Windows XP 32-bit running on Intel Core i5 with PAA (single-user mode) -FIPS Approved algorithms: AES (Certs. #2027 and #2028); DRBG (Certs. #194 and #195); HMAC (Certs. #1229 and #1230); SHS (Certs. #1776 and #1777) -Other algorithms: N/A Multi-chip standalone "The Vidyo Cryptographic Security Kernel is a subset of the VidyoTechnology Software Development Kit, which consists of a set of libraries providing video conferencing capabilities. The SDK allows licensed end-users to implement video conferencing capabilities within their own software applications; the Vidyo CSK library provides the cryptographic functions required to secure the communications." |
1854 | CST Lab: NVLAP 100432-0 | Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 11/28/2012 | 11/27/2017 | Overall Level: 2 Multi-chip standalone |
1839 | Entrust, Inc. One Lincoln Centre 5400 LBJ Freeway Suite 1340 Dallas, TX 75240 USA Entrust Sales CST Lab: NVLAP 100432-0 | Entrust Authority™ Security Toolkit for the Java® Platform (Software Version: 8.0) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 11/29/2012 05/28/2014 01/08/2016 | 1/7/2021 | Overall Level: 2 -Tested Configuration(s): Tested as meeting Level 2 with Microsoft Windows Server 2008 R2 with Dell Optiplex 755 -FIPS Approved algorithms: AES (Certs. #1935 and #1954); Triple-DES (Cert. #1261); Triple-DES MAC (Triple-DES Cert. #1261, vendor affirmed); DSA (Cert. #617); DRBG (Cert. #170); ECDSA (Cert. #277); SHS (Cert. #1700); HMAC (Cert. #1168); RSA (Cert. #1001); CVL (Cert. #16); CVL (SP 800-135rev1, vendor affirmed) -Other algorithms: RSA (key wrapping; key establishment methodology provides between 80 and 128 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); AES (Cert. #1935, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); CAST3; CAST128; DES; IDEA; RC2; RC4; Rijndael-256; MD2; MD5; RIPEMD-160; SSL3-SHA-MD5; HMAC-MD5; CAST128 MAC; DES MAC; IDEA MAC; ElGamal; SPEKE; RNG (non-compliant) Multi-chip standalone "Entrust Authority™ Security Toolkit for the Java® Platform enables custom applications to be built using a rich set of APIs that provide encryption, digital signature, and certificate authentication capabilities, as well as the ability to manage the full lifecycles of digital certificate-based identities through integration with the Entrust Authority PKI." |
1837 | Red Hat®, Inc. 100 East Davie Street Raleigh, NC 27601 USA Robert Relyea TEL: 650-254-4236 CST Lab: NVLAP 200427-0 | NSS Cryptographic Module (Software Version: 3.12.9.1) (When operated in FIPS mode and when obtained, installed, and initialized as specified in Section 5 of the provided Security Policy. Section 5 also specifies the precise RPM file containing this module. The integrity of the RPM is automatically verified during the installation and the Crypto officer shall not install the RPM file if the RPM tool indicates an integrity error. Any deviation from the specified verification, installation and initialization procedures will result in a non FIPS 140-2 compliant module. The module generates cryptographic keys whose strengths are modified by available entropy.) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 11/08/2012 | 11/7/2017 | Overall Level: 1 -Design Assurance: Level 2 -Tested Configuration(s): Tested as meeting Level 1 with Red Hat Enterprise Linux v6.2 32-bit running on an Intel Core i7 system Red Hat Enterprise Linux v6.2 64-bit running on an Intel Core i7 system Red Hat Enterprise Linux v6.2 64-bit running on an Intel Core i7 system with PAA (single-user mode) -FIPS Approved algorithms: AES (Cert. #1908); DRBG (Cert. #165); DSA (Cert. #602); HMAC (Cert. #1145); RSA (Cert. #979); SHS (Cert. #1675); Triple-DES (Cert. #1240) -Other algorithms: AES (Cert. #1908, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Camellia; DES; Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); HKDF; J-PAKE; MD2; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength); SEED; Triple-DES (Cert. #1240, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength) Multi-chip standalone "Network Security Services (NSS) is a set of open source C libraries designed to support cross-platform development of security-enabled applications. NSS implements major Internet security standards. NSS is available free of charge under a variety of open source compatible licenses. See http://www.mozilla.org/projects/security/pki/nss/ ." |
1835 | Cavium Networks 2315 N First Street San Jose, CA 95131 USA TA Ramanujam TEL: 408-931-2952 FAX: 408-577-1992 CST Lab: NVLAP 100432-0 | NITROX XL 1600-NFBE HSM Family (Hardware Versions: P/Ns CN1620-NFBE1NIC-2.0, CN1620-NFBE3NIC-2.0, CN1610-NFBE1NIC-2.0, CN1610-NFBE1-3.0, CN1620-NFBE1-3.0, CN1620-NFBE3-3.0, CN1610-NFBE1-2.0, CN1620-NFBE1-2.0 and CN1620-NFBE3-2.0; Firmware Version: CN16XX-NFBE-FW-2.1-110020) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 11/08/2012 10/18/2013 01/11/2017 | 1/10/2022 | Overall Level: 3 -FIPS Approved algorithms: AES (Certs. #1265 and #1266); DRBG (Cert. #32); DSA (Cert. #474); ECDSA (Certs. #150 and #188); HMAC (Cert. #736); KAS (Cert. #5); RSA (Certs. #607 and #742); SHS (Certs. #1165 and #1166); Triple-DES (Cert. #898) -Other algorithms: AES (Cert. #1265, key wrapping; key establishment methodology provides 256 bits of encryption strength); MD5; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength); PBE; RC4 Multi-chip embedded "The NITROX XL 1600-NFBE HSM adapter family delivers the world's fastest FIPS 140-2 Level 3 Hardware Security Module (HSM) with PCIe Gen 2.0. The NITROX XL family of adapters offers up to 45,000 RSA operations per second and 5 Gbps of bulk crypto performance and is certified to the stringent US Government security standards. This FIPS family delivers an unmatched solution to the increasing performance, cryptographic and time to market requirements of the financial, government and healthcare vertical markets." |
1831 | Motorola Solutions, Inc. 1303 East Algonquin Road Schaumburg, IL 60196 USA Ken Fuchs TEL: 847-387-2670 CST Lab: NVLAP 100432-0 | KMF CryptR (Hardware Version: P/N CLN8566A; Firmware Versions: R01.02.10, R01.05.00 or R01.05.01) (When operated in FIPS mode and initialized to Overall Level 2 per Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 11/05/2012 12/07/2012 09/12/2014 01/30/2017 | 1/29/2022 | Overall Level: 2 -Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -FIPS Approved algorithms: AES (Cert. #1901); DRBG (Cert. #159); ECDSA (Cert. #268); SHS (Cert. #1670) -Other algorithms: AES (Cert. #1901, key wrapping; key establishment methodology provides 256 bits of encryption strength); AES MAC (AES Cert. #1901, vendor affirmed; P25 AES OTAR); NDRNG; LFSR; KAS (non-compliant); DES-XL; DES-OFB; DES-ECB; DES-CBC; DVI-XL; DVP-XL Multi-chip standalone "The KMF CryptR provides encryption and decryption services for secure key management and Over-the-Air-Rekeying (OTAR) for Motorola's Key Management Facility (KMF). The KMF and KMF CryptR combine to provide these cryptographic services for Motorola's APCO-25 compliant Astro radio systems." |
1826 | Seagate Technology LLC 389 Disc Drive Longmont, CO 80503 USA Monty Forehand TEL: 720-684-2835 FAX: 720-684-2733 CST Lab: NVLAP 100432-0 | Seagate Secure® TCG Opal SSC Self-Encrypting Drive (Hardware Versions: 9WU142 [1, 2, 3, 4, 5], 9WU14C [1, 2, 3, 4, 5], 9WU141 [1, 2, 3, 4, 5], 1DJ142 [1, 5, 6, 7], 1DJ14C [1, 5, 6, 7], 1DJ141 [1, 5, 6, 7], 1RS152 [8, 9, 10], 1RS15C [8, 9, 10] and 1RS15D [8, 9, 10]; Firmware Versions: 0001SDM7 [1], 0001SED7 [2], 0002SDM7 [3], 0002SED7 [4], 0001LIM7 [5], 1002SED7 [6], 1003SED7 [7], 0001SDM7 [8], 0001YXM7 [9]or 0002LIM7 [10]) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 11/05/2012 06/14/2013 05/20/2014 09/25/2014 | 9/24/2019 | Overall Level: 2 -EMI/EMC: Level 3 -FIPS Approved algorithms: AES (Certs. #1343 and #1845); DRBG (Cert. #62); RSA (Cert. #650); SHS (Cert. #1225) -Other algorithms: NDRNG Multi-chip embedded "The Seagate Secure® TCG Opal SSC Self-Encrypting Drive is embedded in Seagate Momentus® Thin Self-Encrypting Drives (SEDs). The cryptographic module (CM) provides a wide range of cryptographic services using FIPS approved algorithms. Services include hardware-based data encryption, instantaneous user data disposal with cryptographic erase, independently controlled and protected user data LBA ranges, and authenticated FW download. The services are provided through an industry-standard TCG Opal SSC interface." |
1824 | Cisco Systems, Inc. 170 W. Tasman Drive San Jose, CA 95134 USA Global Certification Team CST Lab: NVLAP 200427-0 | Cisco Telepresence C20 Codec (Hardware Version: C20 v1; Firmware Version: TC5.0.2) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 11/14/2012 11/21/2012 12/03/2012 | 12/2/2017 | Overall Level: 1 -Roles, Services, and Authentication: Level 3 -Design Assurance: Level 2 -FIPS Approved algorithms: AES (Cert. #1928); DRBG (Cert. #168); DSA (Cert. #612); ECDSA (Cert. #276); HMAC (Cert. #1162); RSA (Cert. #994); SHS (Cert. #1693); Triple-DES (Cert. #1255) -Other algorithms: AES (Cert. #1928, key wrapping; key establishment methodology provides 128 bits of encryption strength); Blowfish; Camellia; DES; Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength; non-compliant); HMAC-MD5; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength) Multi-chip standalone "The Cisco TelePresence portfolio creates an immersive, face-to-face experience over the network, empowering you to collaborate with others like never before. Through a powerful combination of technologies and design that allows you and remote participants to feel as if you are all in the same room, the Cisco TelePresence portfolio has the potential to provide great productivity benefits and transform your business. Many organizations are already using it to control costs, make decisions faster, improve customer intimacy, scale scarce resources, and speed products to market." |
1823 | Cisco Systems, Inc. 170 W. Tasman Drive San Jose, CA 95134 USA Global Certification Team CST Lab: NVLAP 200427-0 | Cisco Telepresence C40, C60, and C90 Codecs (Hardware Versions: C40 v1, C60 v1 and C90 v1 with CISCO-FIPSKIT=; Firmware Version: TC5.0.2) (When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 11/05/2012 11/21/2012 12/03/2012 | 12/2/2017 | Overall Level: 2 -Roles, Services, and Authentication: Level 3 -FIPS Approved algorithms: AES (Cert. #1928); DRBG (Cert. #168); DSA (Cert. #612); ECDSA (Cert. #276); HMAC (Cert. #1162); RSA (Cert. #994); SHS (Cert. #1693); Triple-DES (Cert. #1255) -Other algorithms: AES (Cert. #1928, key wrapping; key establishment methodology provides 128 bits of encryption strength); Blowfish; Camellia; DES; Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength; non-compliant); HMAC-MD5; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength) Multi-chip standalone "The Cisco TelePresence portfolio creates an immersive, face-to-face experience over the network, empowering you to collaborate with others like never before. Through a powerful combination of technologies and design that allows you and remote participants to feel as if you are all in the same room, the Cisco TelePresence portfolio has the potential to provide great productivity benefits and transform your business. Many organizations are already using it to control costs, make decisions faster, improve customer intimacy, scale scarce resources, and speed products to market." |
1818 | Cisco Systems, Inc. 170 W. Tasman Drive San Jose, CA 95134 USA Global Certification Team CST Lab: NVLAP 200427-0 | Cisco EX60 and EX90 TelePresence Systems (Hardware Versions: EX60 v1 and EX90 v1 with CISCO-FIPSKIT=; Firmware Version: TC5.0.2) (When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 10/11/2012 11/21/2012 12/03/2012 | 12/2/2017 | Overall Level: 2 -Roles, Services, and Authentication: Level 3 -FIPS Approved algorithms: AES (Cert. #1928); DRBG (Cert. #168); DSA (Cert. #612); ECDSA (Cert. #276); HMAC (Cert. #1162); RSA (Cert. #994); SHS (Cert. #1693); Triple-DES (Cert. #1255) -Other algorithms: AES (Cert. #1928, key wrapping; key establishment methodology provides 128 bits of encryption strength); Blowfish; Camellia; DES; Diffie-Hellman (key agreement; key establishment methodology provides 80 bits of encryption strength; non-compliant); HMAC-MD5; MD5; RC2; RC4; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength; non-compliant less than 112 bits of encryption strength) Multi-chip standalone "The Cisco TelePresence portfolio creates an immersive, face-to-face experience over the network, empowering you to collaborate with others like never before. Through a powerful combination of technologies and design that allows you and remote participants to feel as if you are all in the same room, the Cisco TelePresence portfolio has the potential to provide great productivity benefits and transform your business. Many organizations are already using it to control costs, make decisions faster, improve customer intimacy, scale scarce resources, and speed products to market." |
1817 | LogRhythm 4780 Pearl East Circle Boulder, CO 80301 USA Emily Dobson TEL: 720-881-5348 CST Lab: NVLAP 200427-0 | LogRhythm 6.0.4 or 6.3.4 Event Manager (Software Version: 6.0.4 or 6.3.4) (When operated in FIPS mode with module BCRYPTPRIMITIVES validated to FIPS 140-2under Cert. #1336 operating in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 10/11/2012 05/18/2015 05/12/2016 | 5/11/2021 | Overall Level: 1 -Tested Configuration(s): Tested as meeting Level 1 with Windows Server 2008 R2 (SP1) (single-user mode) running .NET framework version 3.5 -FIPS Approved algorithms: AES (Cert. #1168); DRBG (Cert. #23); HMAC (Cert. #686); RSA (Certs. #559 and #567); SHS (Cert. #1081) -Other algorithms: HMAC-MD5; MD5 Multi-chip standalone "The LogRhythm 6.0.4 Event Manager cryptographic module provides cryptographic services to an Event Manager. In particular, these services support secure communication with supporting SQL Server databases." |
1811 | IMS Health Inc. 16720 Route Transcanadienne Suite 1700 Kirkland, Québec H9H 5M3 Canada Charles Blair TEL: 905-816-5131 Hussam Mahgoub TEL: 905-816-5134 CST Lab: NVLAP 200928-0 | Diversinet Java Crypto Module (Software Version: 2.0) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 10/11/2012 02/20/2014 | 2/19/2019 | Overall Level: 1 -Tested Configuration(s): Tested as meeting Level 1 with Microsoft Windows Server 2008 R2 with JDK v1.6 (single-user mode) -FIPS Approved algorithms: Triple-DES (Cert. #1276); AES (Cert. #1965); SHS (Cert. #1723); HMAC (Cert. #1185); DRBG (Cert. #175); RSA (Cert. #1017) -Other algorithms: N/A Multi-chip standalone "Diversinet Java SE Crypto Module is a JCA (Java Cryptography Architecture) Provider shipped with Diversinet MobiSecure Products. The Crypto Module implements several JCE (Java Cryptography Extension) algorithms including Triple DES, AES, SHA, HMAC and RSA. The Crypto Module is packaged in a signed Java Archive (JAR) file." |
1809 | Systematic Development Group, LLC 350 Jim Moran Blvd. Suite 122 Deerfield Beach, FL 33442 USA George Wolf TEL: 954-889-3535 x315 CST Lab: NVLAP 100432-0 | LOK‐IT® 10 KEY (Series SDG003FM/SDG005M) (Hardware Versions: HW003‐32 Rev:01 [2], HW003‐16 Rev:03 [1], HW003‐16 Rev:04 [2], HW003‐08 Rev:02 [1], HW003‐08 Rev:03 [2] , HW003‐04 Rev:02 [1] and HW003‐04 Rev:03 [2]; Firmware Version: USB Controller Firmware Revision V01.12A12-F01 [1] or V01.12A14‐F05 [2]; Security Controller Firmware Revision SDG003FM-010) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 10/02/2012 01/22/2013 07/26/2013 | 7/25/2018 | Overall Level: 3 -FIPS Approved algorithms: AES (Cert. #1514); SHS (Cert. #1682); DRBG (Cert. #164) -Other algorithms: NDRNG Multi-chip standalone "This module is a multi-chip standalone cryptographic module, as defined by FIPS 140-2 and consists of an Initio 1861 USB controller, NAND Flash memory and a Microchip PIC16LF1825 security controller. All components are encased in hard, opaque, production grade integrated circuit packaging. The cryptographic boundary is defined as the boundary of the module's PCB and hard epoxy coating. The module uses a NDRNG as input to a Hash_DRBG algorithm specified in NIST special publication SP800-90 to generate a random 256 bit encryption key. The AES key has 256 bits of entropy." |
1808 | LogRhythm 4780 Pearl East Circle Boulder, CO 80301 USA Emily Dobson TEL: 720-881-5348 CST Lab: NVLAP 200427-0 | LogRhythm 6.0.4 or 6.3.4 Log Manager (Software Version: 6.0.4 or 6.3.4) (When operated in FIPS mode with module BCRYPTPRIMITIVES validated to FIPS 140-2under Cert. #1336 operating in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 10/02/2012 05/18/2015 05/12/2016 | 5/11/2021 | Overall Level: 1 -Tested Configuration(s): Tested as meeting Level 1 with Windows Server 2008 R2 (SP1) (single-user mode) running .NET framework version 3.5 -FIPS Approved algorithms: AES (Cert. #1168); DRBG (Cert. #23); HMAC (Cert. #686); RSA (Certs. #559 and #567); SHS (Cert. #1081) -Other algorithms: HMAC-MD5; MD5 Multi-chip standalone "The LogRhythm 6.0.4 Log Manager cryptographic module provides cryptographic services to a Log Manager. In particular, these services support secure communication with other LogRhythm components (System Monitor Agents and AI Engine Servers) and SQL Server databases." |
1807 | LogRhythm 4780 Pearl East Circle Boulder, CO 80301 USA Emily Dobson TEL: 720-881-5348 CST Lab: NVLAP 200427-0 | LogRhythm 6.0.4 or 6.3.4 Console (Software Version: 6.0.4 or 6.3.4) (When operated in FIPS mode with module BCRYPTPRIMITIVES validated to FIPS 140-2under Cert. #1336 operating in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 10/02/2012 05/18/2015 05/12/2016 | 5/11/2021 | Overall Level: 1 -Tested Configuration(s): Tested as meeting Level 1 with Windows Server 2008 R2 (SP1) (single-user mode) running .NET framework version 3.5 -FIPS Approved algorithms: AES (Cert. #1168); DRBG (Cert. #23); HMAC (Cert. #686); RSA (Certs. #559 and #567); SHS (Cert. #1081) -Other algorithms: HMAC-MD5; MD5 Multi-chip standalone "The LogRhythm 6.0.4 Console cryptographic module provides cryptographic services to a Console. In particular, these services support secure communication with SQL Server databases in a LogRhythm deployment." |
1806 | LogRhythm 4780 Pearl East Circle Boulder, CO 80301 USA Emily Dobson TEL: 720-881-5348 CST Lab: NVLAP 200427-0 | LogRhythm 6.0.4 or 6.3.4 Windows System Monitor Agent (Software Version: 6.0.4 or 6.3.4) (When operated in FIPS mode with module BCRYPTPRIMITIVES validated to FIPS 140-2under Cert. #1336 operating in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 10/02/2012 05/18/2015 05/12/2016 | 5/11/2021 | Overall Level: 1 -Tested Configuration(s): Tested as meeting Level 1 with Windows Server 2008 R2 (SP1) (single-user mode) running .NET framework version 3.5 -FIPS Approved algorithms: AES (Cert. #1168); DRBG (Cert. #23); HMAC (Cert. #686); RSA (Certs. #559 and #567); SHS (Cert. #1081) -Other algorithms: HMAC-MD5; MD5 Multi-chip standalone "The LogRhythm 6.0.4 Windows System Monitor Agent cryptographic module provides cryptographic services to a Windows System Monitor Agent. In particular, these services support secure communication with a LogRhythm Log Manager component." |
1805 | LogRhythm 4780 Pearl East Circle Boulder, CO 80301 USA Emily Dobson TEL: 720-881-5348 CST Lab: NVLAP 200427-0 | LogRhythm 6.0.4 or 6.3.4 AI Engine Server (Software Version: 6.0.4 or 6.3.4) (When operated in FIPS mode with module BCRYPTPRIMITIVES validated to FIPS 140-2under Cert. #1336 operating in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 10/02/2012 05/18/2015 05/12/2016 | 5/11/2021 | Overall Level: 1 -Tested Configuration(s): Tested as meeting Level 1 with Windows Server 2008 R2 (SP1) (single-user mode) running .NET framework version 3.5 -FIPS Approved algorithms: AES (Cert. #1168); DRBG (Cert. #23); HMAC (Cert. #686); RSA (Certs. #559 and #567); SHS (Cert. #1081) -Other algorithms: HMAC-MD5; MD5 Multi-chip standalone "The LogRhythm 6.0.4 AI Engine Server cryptographic module provides cryptographic services to an AI Engine Server. In particular, these services support secure communication with LogRhythm Log Managers and Event Manager SQL Server databases." |
1804 | IMS Health Inc. 16720 Route Transcanadienne Kirkland, Québec H9H 5M3 Canada Charles Blair TEL: 905-816-5131 Hussam Mahgoub TEL: 905-816-5134 CST Lab: NVLAP 200928-0 | Diversinet Java Crypto Module for Mobile (Software Version: 2.0) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 10/03/2012 02/20/2014 | 2/19/2019 | Overall Level: 1 -Tested Configuration(s): Tested as meeting Level 1 with Android OS v2.2 (single-user mode) -FIPS Approved algorithms: Triple-DES (Cert. #1277); AES (Cert. #1966); SHS (Cert. #1724); HMAC (Cert. #1186); DRBG (Cert. #176); RSA (Cert. #1018) -Other algorithms: N/A Multi-chip standalone "Diversinet Java ME Crypto Module is shipped with Diversinet MobiSecure Client SDK for Java based run-time environments on Smartphones and tablets including, Android OS-, BlackBerry OS- and Java ME MIDP-based. The Crypto Module implements several cryptography algorithms including Triple DES, AES, SHA, HMAC and RSA." |
1801 | Motorola Solutions, Inc. 1301 East Algonquin Road Schaumburg, IL 60196 USA Kirk Mathews TEL: 847-576-4101 CST Lab: NVLAP 100432-0 | µMACE (Hardware Version: P/N AT58Z04; Firmware Version: R01.00.04) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 09/07/2012 | 9/6/2017 | Overall Level: 3 -FIPS Approved algorithms: AES (Cert. #1876); DRBG (Cert. #154); ECDSA (Cert. #263); KAS (Cert. #28); SHS (Cert. #1619) -Other algorithms: AES (Cert. #1876, key wrapping; key establishment methodology provides 256 bits of encryption strength); NDRNG Single-chip "The µMACE cryptographic processor is used in security modules embedded in Motorola Solutions security products." |
1800 | SafeNet, Inc. 4690 Millennium Drive Belcamp, MD 21017 USA Security and Certifications Team CST Lab: NVLAP 100432-0 | eToken 4300 (Hardware Version: Inside Secure AT90SC28880RCFV Rev. G; Firmware Version: SafeNet eToken 4300 010E.1245.0002 with PIV Applet 3.0) PIV Certificate #32 Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 12/06/2012 02/06/2014 01/10/2017 | 1/9/2022 | Overall Level: 2 -Cryptographic Module Specification: Level 3 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS Approved algorithms: AES (Cert. #1655); RSA (Cert. #824); Triple-DES (Cert. #1088); Triple-DES MAC (Triple-DES Cert. #1088, vendor affirmed); DRBG (Cert. #98); SHS (Cert. #1465); ECDSA (Cert. #214); CVL (Cert. #2); CVL (Certs. #218 and #222) -Other algorithms: HW RNG; AES-CMAC (non-compliant); AES (Cert. #1655, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength) Single-chip "eToken 4300 is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 80KB of EEPROM. eToken 4300 is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 2. eToken 4300 supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC, and RSA and ECC key generation. eToken 4300 exposes PKI and Biometric APIs and is designed for high-performance government and enterprise smart card applications." |
1795 | Giesecke+Devrient Mobile Security America Inc. 45925 Horseshoe Drive Dulles, VA 20166 USA Jatin Deshpande TEL: 669-999-6323 FAX: 650-312-8129 Thomas Palsherm TEL: +49 89 4119-2384 FAX: +49 89 4119-9093 CST Lab: NVLAP 200427-0 | Sm@rtCafé Expert 6.0 FIPS (Hardware Versions: P5CC081, P5CD081 and P5CD145; Firmware Version: Sm@rtCafé Expert 6.0) (The module generates cryptographic keys whose strengths are modified by available entropy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 08/31/2012 07/14/2017 | 8/30/2017 | Overall Level: 3 -FIPS Approved algorithms: AES (Cert. #1755); DRBG (Cert. #116); RSA (Cert. #874); SHS (Cert. #1542); Triple-DES (Cert. #1136); Triple-DES MAC (Triple-DES Cert. #1136, vendor affirmed) -Other algorithms: AES (Cert. #1755, key wrapping; key establishment methodology provides between 128 and 175 bits of encryption strength) Single-chip "Giesecke & Devrient (G&D) Smart Card Chip Operating System Sm@rtCafé Expert 6.0 is a Java Card 3 and Global Platform v2.1.1 compliant smart card module supporting both contact and contactless interfaces. It also supports, at a minimum, RSA up to 2048 bits(RSA and RSA-CRT) with on-card key generation, Hash algorithms(including SHA256), AES(up to 256 bits), ECDSA, and Triple-DES. The Sm@rtCafé Expert 6.0 is suitable for government and corporate identification, payment and banking, health care, and Web applications." |
1794 | Thales e-Security Inc. 900 South Pine Island Road Suite 710 Plantation, FL 33324 USA Datacryptor-Certifications TEL: +44 (0)1844 201800 CST Lab: NVLAP 200002-0 | Secure Generic Sub-System (SGSS), Version 3.5 [1] and 3.6 [2] (Hardware Versions: 1213H130 Issue 6E [1], 1213R130 Issue 1 [1], 1213P130 Issue 2 [1], 1213P130 Issue 2A [1]. 1213P130 Issue 2B [2], 1213R130 Issue 2 [2] and 1213S130 Issue 2 [2]; Software Version: 3.0.0) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 08/28/2012 09/27/2012 12/10/2015 | 12/9/2020 | Overall Level: 3 -FIPS Approved algorithms: ECDSA (Cert. #283); SHS (Cert. #1717) -Other algorithms: N/A Multi-chip embedded "The Secure Generic Sub-System (SGSS) is a multi-chip embedded module used to provide secure cryptographic resources to a number of products in the Thales e-Security portfolio. This includes the Datacryptor® 2000, Datacryptor® Advanced Performance and Small Form Factor family (Link, Frame Relay, E1/T1, E3/T3, and IP models). The SGSS contains a secure bootstrap and authenticates application loading using the Digital Signature Algorithm (ECDSA) and SHA-384 hashing. This is a revalidation of the SGSS certified under FIPS Certificate #836, and does not affect the previous FIPS validation." |
1786 | RSA, The Security Division of EMC 174 Middlesex Turnpike Bedford, MA 01730 USA Rohit Mathur TEL: +61 7 3032 5220 CST Lab: NVLAP 200427-0 | RSA BSAFE® Crypto-J JSAFE and JCE Software Module (Software Version: 6.0) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 08/24/2012 01/24/2013 02/12/2016 05/03/2016 | 5/2/2021 | Overall Level: 1 -Design Assurance: Level 3 -Tested Configuration(s): Tested as meeting Level 1 with Windows 7 (64-bit) with Sun JRE 6.0 Android 2.2 ARM (32-bit) JRE 6.0 (single-user mode) -FIPS Approved algorithms: AES (Cert. #1911); DRBG (Cert. #160); DSA (Cert. #604); ECDSA (Cert. #271); HMAC (Cert. #1148); PBKDF (vendor affirmed); RSA (Cert. #981); SHS (Cert. #1678); Triple-DES (Cert. #1243) -Other algorithms: DES; DESX; Diffie-Hellman; Dual EC DRBG; EC Diffie-Hellman; ECIES; HMAC-MD5; MD2; MD4; MD5; RC2; RC4; RC5; RIPEMD160; RNG; RSA (encrypt/decrypt); RSA Keypair Generation MultiPrime Multi-chip standalone "RSA BSAFE® Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." |
1785 | RSA, The Security Division of EMC 174 Middlesex Turnpike Bedford, MA 01730 USA Rohit Mathur TEL: +61 7 3032 5220 CST Lab: NVLAP 200427-0 | RSA BSAFE® Crypto-J JSAFE and JCE Software Module (Software Version: 6.0) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 08/24/2012 01/24/2013 02/12/2016 05/03/2016 | 5/2/2021 | Overall Level: 1 -Roles, Services, and Authentication: Level 2 -Design Assurance: Level 3 -Tested Configuration(s): Tested as meeting Level 1 with Windows 7 (64-bit) with Sun JRE 6.0 Android 2.2 ARM (32-bit) JRE 6.0 (single-user mode) -FIPS Approved algorithms: AES (Cert. #1911); DRBG (Cert. #160); DSA (Cert. #604); ECDSA (Cert. #271); HMAC (Cert. #1148); PBKDF (vendor affirmed); RSA (Cert. #981); SHS (Cert. #1678); Triple-DES (Cert. #1243) -Other algorithms: DES; DESX; Diffie-Hellman; Dual EC DRBG; EC Diffie-Hellman; ECIES; HMAC-MD5; MD2; MD4; MD5; RC2; RC4; RC5; RIPEMD160; RNG; RSA (encrypt/decrypt); RSA Keypair Generation MultiPrime Multi-chip standalone "RSA BSAFE® Crypto-J security software is designed to help protect sensitive data as it is stored using strong encryption techniques to provide a persistent level of protection. It supports a wide range of industry standard encryption algorithms offering Java developers the flexibility to choose the option most appropriate to meet their requirements." |
1783 | CST Lab: NVLAP 200427-0 | Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 08/08/2012 03/19/2013 | 3/18/2018 | Overall Level: 2 * |
1781 | Valid S/A Av. Paulista, 1000, terreo Sao Paulo 01310-100 Brazil Carlos Okada TEL: +55 11 2575-6800 FAX: +55 11 2575-6500 CST Lab: NVLAP 100432-0 | IDflex V (Hardware Version: Inside Secure AT90SC28872RCU Rev. G; Firmware Version: Valid IDflex V 010B.0352.0005 with LASER PKI Applet 3.0) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 08/07/2012 | 8/6/2017 | Overall Level: 3 -FIPS Approved algorithms: AES (Cert. #1654); RSA (Cert. #824); Triple-DES (Cert. #1087); Triple-DES MAC (Triple-DES Cert. #1087, vendor affirmed); DRBG (Cert. #98); SHS (Cert. #1465); ECDSA (Cert. #214); CVL (Cert. #2) -Other algorithms: HW RNG; AES-CMAC (non-compliant); EC Diffie-Hellman; AES (Cert. #1654, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength) Single-chip "IDflex V is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 72KB of EEPROM. IDflex V is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 3. IDflex V supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC, and RSA and ECC key generation. IDflex V exposes PKI and Biometric APIs and is designed for high-performance government and enterprise smart card applications." |
1780 | CST Lab: NVLAP 100432-0 | Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 08/07/2012 09/26/2012 07/10/2013 03/21/2014 06/18/2014 07/05/2016 | 7/4/2021 | Overall Level: 2 Multi-chip standalone |
1779 | CST Lab: NVLAP 100432-0 | Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 08/07/2012 09/26/2012 07/10/2013 03/21/2014 06/18/2014 07/05/2016 | 7/4/2021 | Overall Level: 2 Multi-chip standalone |
1778 | CST Lab: NVLAP 100432-0 | Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 08/07/2012 04/15/2013 | 4/14/2018 | Overall Level: 2 Multi-chip standalone |
1773 | Ciena® Corporation 1201 Winterson Road Linthicum, MD 21090 USA Patrick Scully TEL: 613-670-3207 CST Lab: NVLAP 200928-0 | 565 Advanced Services Platform [1], 5100 Advanced Services Platform [2] and 5200 Advanced Services Platform [3] (Hardware Versions: [NT0H50DAE5 REV 004 [1], NTPM50AAE5 Rev 11 [2], NT0H50AA Rev 014 [3], SP Card NT0H5066E5 Rev 04 [1] and NT0H41ABE5 Rev 8 [2,3], QOTR/E Card NT0H25BAE5 Rev 2 [1,2,3], OCM Card NT0H40BCE5 Rev 18 [3], Filler Card NT0H52ABE6 Rev 02 [1,2,3]] with FIPS security kit NT0H25BZ Rev 3; Firmware Versions: 11.2 and 11.21) (When operated in FIPS mode and with the tamper evident seals installed as indicated in the Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 08/01/2012 02/06/2013 | 2/5/2018 | Overall Level: 2 -Roles, Services, and Authentication: Level 3 -FIPS Approved algorithms: Triple-DES (Cert. #1161); AES (Certs. #1682, #1794 and #1796); SHS (Certs. #1576 and #1578); HMAC (Certs. #1058 and #1060); RSA (Certs. #897 and #899); DRBG (Certs. #130 and #131) -Other algorithms: Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); MD5; DES; Blowfish Multi-chip standalone "The 565/5100/5200 Advanced Services Platform offers an integrated transport encryption solution providing an ultra-low latency and protocol-agnostic wirespeed encryption service for use in small to large enterprises or datacenters and also offered through service providers as a differentiated managed service." |
1770 | Blue Coat® Systems, Inc. 420 N. Mary Avenue Sunnyvale, CA 94085 USA Wendi Ittah TEL: 703-399-0535 CST Lab: NVLAP 200928-0 | ProxySG 510-5 [1], 510-10 [2], 510-20 [3], 510-25 [4], 810-5 [5], 810-10 [6], 810-20 [7], 810-25 [8] (Hardware Versions: 090-02760 Rev U.0 [1]; 090-02761 Rev X.0 [2]; 090-02762 Rev W.0 [2]; 090-02761 Rev C.0 [2]; 090-02762 Rev C.0 [2]; 090-02763 Rev W.0 [3]; 090-02764 Rev W.0 [3]; 090-02763 Rev C.0 [3]; 090-02764 Rev C.0 [3]; 090-02781 Rev X.0 [4]; 090-02782 Rev X.0 [4]; 090-02781 Rev C.0 [4]; 090-02782 Rev C.0 [4]; 090-02765 Rev W.0 [5]; 090-02766 Rev Y.0 [6]; 090-02767 Rev Y.0 [6]; 090-02766 Rev H.0 [6]; 090-02767 Rev H.0 [6];090-02768 Rev X.0 [7]; 090-02769 Rev X.0 [7]; 090-02768 Rev H.0 [7]; 090-02769 Rev H.0 [7]; 090-02783 Rev Z.0 [8]; 090-02784 Rev Z.0 [8]; 090-02783 Rev H.0 [8] and 090-02784 Rev H.0 [8] with FIPS kit 085-02597; Firmware Version: 6.1 or 6.1.5.5) (When operated in FIPS mode with the tamper evident seals and the opacity baffle installed as indicated in the Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 07/31/2012 08/07/2012 01/04/2013 | 1/3/2018 | Overall Level: 2 -FIPS Approved algorithms: AES (Certs. #105, #397 and #1875); Triple-DES (Certs. #217, #435 and #1218); RSA (Cert. #956); SHS (Cert. #1648); HMAC (Cert. #1120); DRBG (Cert. #153) -Other algorithms: RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength) Multi-chip standalone "The foundation of Blue Coat's application delivery infrastructure, Blue Coat ProxySG appliances establish points of control that accelerate and secure business applications for users across the distributed organization. Blue Coat appliances serve as an Internet proxy and wide area network (WAN) optimizer. The purpose of the appliances is to provide a layer of security between an Internal and External Network (typically an office network and the Internet) and to provide acceleration and compression of transmitted data. ProxySG 510 and 810 are some of several appliance lines offered by Blue Coat" |
1767 | Blue Coat® Systems, Inc. 420 N. Mary Avenue Sunnyvale, CA 94085 USA Wendi Ittah TEL: 703-399-0535 CST Lab: NVLAP 200928-0 | ProxySG 900-10 [1], 900-10B [2], 900-20 [3], 900-30 [4], 900-45 [5] and 900-55 [6] (Hardware Versions: 090-02900 [1], 090-02901 [1], 090-02988 [2], 090-02989 [2], 090-02902 [3], 090-02903 [3], 090-02904 [4], 090-02905 [4], 09002908 [5], 090-02909 [5], 090-02979 [6] and 090-02980 [6] with FIPS kit 085-02742; Firmware Version: 6.1 or 6.1.5.5) (When operated in FIPS mode with the tamper evident seals and opacity baffles installed as indicated in the Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 07/27/2012 08/07/2012 08/16/2012 01/04/2013 | 1/3/2018 | Overall Level: 2 -FIPS Approved algorithms: AES (Certs. #1265 and #1875); Triple-DES (Certs. #898 and #1218); RSA (Cert. #956); SHS (Cert. #1648); HMAC (Cert. #1120); DRBG (Cert. #153) -Other algorithms: RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength) Multi-chip standalone "The foundation of Blue Coat's application delivery infrastructure, Blue Coat ProxySG appliances establish points of control that accelerate and secure business applications for users across the distributed organization. Blue Coat appliances serve as an Internet proxy and wide area network (WAN) optimizer. The purpose of the appliances is to provide a layer of security between an Internal and External Network (typically an office network and the Internet) and to provide acceleration and compression of transmitted data. ProxySG 900 is one of several appliance lines offered by Blue Coat" |
1766 | Blue Coat® Systems, Inc. 420 N. Mary Avenue Sunnyvale, CA 94085 USA Wendi Ittah TEL: 703-399-0535 CST Lab: NVLAP 200928-0 | ProxySG 9000-10 [1], 9000-20 [2], 9000-20B [3], 9000-30 [4] and 9000-40 [5] (Hardware Versions: 090-02844 [1], 090-02843 [1], 090-02840 [2], 090-02839 [2], 090-02984 [3], 090-02985 [3], 090-02841 [4], 090-02842 [4], 090-02845 [5] and 090-02846 [5] with FIPS kit 085-02718; Firmware Version: 6.1 or 6.1.5.5) (When operated in FIPS mode with the tamper evident seals and opacity baffles installed as indicated in the Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 07/27/2012 08/07/2012 08/16/2012 09/27/2012 01/04/2013 | 1/3/2018 | Overall Level: 2 -FIPS Approved algorithms: AES (Certs. #1265 and #1875); Triple-DES (Certs. #898 and #1218); RSA (Cert. #956); SHS (Cert. #1648); HMAC (Cert. #1120); DRBG (Cert. #153) -Other algorithms: RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength) Multi-chip standalone "The foundation of Blue Coat's application delivery infrastructure, Blue Coat ProxySG appliances establish points of control that accelerate and secure business applications for users across the distributed organization. Blue Coat appliances serve as an Internet proxy and wide area network (WAN) optimizer. The purpose of the appliances is to provide a layer of security between an Internal and External Network (typically an office network and the Internet) and to provide acceleration and compression of transmitted data. ProxySG 9000 is one of several appliance lines offered by Blue Coat" |
1764 | Athena Smartcard Inc. 16615 Lark Avenue Suite 202 Los Gatos, CA 95032 USA Stéphanie Motré TEL: 408-786-1028 FAX: 408-608-1818 CST Lab: NVLAP 100432-0 | IDProtect Duo with PIV (Hardware Version: Inside Secure AT90SC28880RCFV Rev. G; Firmware Version: Athena IDProtect 010E.1245.0002 with PIV Applet 3.0) PIV Certificate #31 Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 08/23/2012 04/12/2013 02/06/2014 05/28/2014 | 5/27/2019 | Overall Level: 2 -Cryptographic Module Specification: Level 3 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS Approved algorithms: AES (Cert. #1655); RSA (Cert. #824); Triple-DES (Cert. #1088); Triple-DES MAC (Triple-DES Cert. #1088, vendor affirmed); DRBG (Cert. #98); SHS (Cert. #1465); ECDSA (Cert. #214); CVL (Cert. #2); CVL (Certs. #218 and #222) -Other algorithms: HW RNG; AES-CMAC (non-compliant); AES (Cert. #1655, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength) Single-chip "IDProtect is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 80KB of EEPROM. IDProtect is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 2. IDProtect supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC and RSA and ECC key generation. IDProtect exposes PKI and Biometric APIs and is designed for high performance government and enterprise smart card applications." |
1762 | INSIDE Secure 41 Parc Club du Golf Aix-en-Provence 13856 France Jerome Ducros TEL: +333 (0) 413758653 CST Lab: NVLAP 100432-0 | VaultIC420™, VaultIC440™ and VaultIC460™ (Hardware Versions: P/N: ATVaultIC420, ATVaultIC440 and ATVaultIC460, Platform: AT90SO128 - Silicon Rev F; Firmware Version: 1.2.1) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 07/27/2012 09/06/2012 | 9/5/2017 | Overall Level: 3 -Physical Security: Level 4 -FIPS Approved algorithms: AES (Cert. #1822); DRBG (Cert. #142); DSA (Cert. #572); ECDSA (Cert. #251); HMAC (Cert. #1077); RSA (Cert. #927); SHS (Cert. #1601); Triple-DES (Cert. #1175) -Other algorithms: DES; DES MAC; Triple-DES MAC (non-compliant); HOTP; TOTP; RSA (encrypt/decrypt); AES (Cert. #1822, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength) Single-chip "The VaultIC™ 420, VaultIC™ 440 and VaultIC™ 460 is an Application Specific Standard Product (ASSP) designed to secure various systems against counterfeiting, cloning or identity theft. It is a hardware security module that can be used in many applications such as IP protection, access control or hardware protection." |
1750 | Athena Smartcard Inc. 16615 Lark Avenue Suite 202 Los Gatos, CA 95032 USA Stéphanie Motré TEL: 408-786-1028 FAX: 408-608-1818 CST Lab: NVLAP 100432-0 | IDProtect Key with LASER PKI (Hardware Versions: Inside Secure AT90SC25672RCT-USB Rev. D packaged in TIDPTMINI72 and TIDPUSBV2J; Firmware Version: Athena IDProtect 0106.0130.0401 with LASER PKI Applet 3.0) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 07/17/2012 04/12/2013 05/28/2014 | 5/27/2019 | Overall Level: 3 -FIPS Approved algorithms: AES (Cert. #1654); RSA (Cert. #824); Triple-DES (Cert. #1087); Triple-DES MAC (Triple-DES Cert. #1087, vendor affirmed); DRBG (Cert. #98); SHS (Cert. #1465); ECDSA (Cert. #214); CVL (Cert. #2) -Other algorithms: HW RNG; AES-CMAC (non-compliant); EC Diffie-Hellman; AES (Cert. #1654, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength) Single-chip "IDProtect is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 72KB of EEPROM. IDProtect is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 3. IDProtect supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC, and RSA and ECC key generation. IDProtect exposes PKI and Biometric APIs and is designed for high-performance government and enterprise smart card applications." |
1749 | Athena Smartcard Inc. 16615 Lark Avenue Suite 202 Los Gatos, CA 95032 USA Stéphanie Motré TEL: 408-786-1028 FAX: 408-608-1818 CST Lab: NVLAP 100432-0 | IDProtect Duo with LASER PKI (Hardware Version: Inside Secure AT90SC28880RCFV Rev. G; Firmware Version: Athena IDProtect 010E.1245.0002 with LASER PKI Applet 3.0) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 07/17/2012 04/12/2013 05/28/2014 | 5/27/2019 | Overall Level: 3 -FIPS Approved algorithms: AES (Cert. #1655); RSA (Cert. #824); Triple-DES (Cert. #1088); Triple-DES MAC (Triple-DES Cert. #1088, vendor affirmed); DRBG (Cert. #98); SHS (Cert. #1465); ECDSA (Cert. #214); CVL (Cert. #2) -Other algorithms: HW RNG; AES-CMAC (non-compliant); EC Diffie-Hellman; AES (Cert. #1655, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength) Single-chip "IDProtect is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 80KB of EEPROM. IDProtect is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 3. IDProtect supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC, and RSA and ECC key generation. IDProtect exposes PKI and Biometric APIs and is designed for high-performance government and enterprise smart card applications." |
1747 | OpenSSL Validation Services 1829 Mount Ephraim Road Adamstown, MD 21710 USA Steve Marquess TEL: 301-874-2571 CST Lab: NVLAP 100432-0 | OpenSSL FIPS Object Module (Software Versions: 2.0, 2.0.1, 2.0.2, 2.0.3, 2.0.4, 2.0.5, 2.0.6, 2.0.7, 2.0.8, 2.0.9 or 2.0.10) (When built, installed, protected and initialized as assumed by the Crypto Officer role and as specified in the provided Security Policy. Appendix A of the provided Security Policy specifies the actual distribution tar file containing the source code of this module. There shall be no additions, deletions or alterations to the tar file contents as used during module build. The distribution tar file shall be verified as specified in Appendix A of the provided Security Policy. Installation and protection shall be completed as specified in Appendix A of the provided Security Policy. Initialization shall be invoked as per Section 4 of the provided Security Policy. Any deviation from specified verification, protection, installation and initialization procedures will result in a non FIPS 140-2 compliant module.) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 06/27/2012 07/09/2012 07/18/2012 10/24/2012 01/22/2013 02/06/2013 02/22/2013 02/28/2013 03/28/2013 05/16/2013 06/14/2013 08/16/2013 08/23/2013 11/08/2013 12/20/2013 06/27/2014 07/03/2014 09/02/2014 09/12/2014 10/16/2014 12/31/2014 06/15/2015 09/04/2015 01/25/2016 01/10/2017 01/30/2017 | 1/29/2022 | Overall Level: 1 -Roles, Services, and Authentication: Level 2 Design Assurance: Level 3 -Tested Configuration(s): Tested as meeting Level 1 with Android 2.2 running on Qualcomm QSD8250 (ARMv7) without NEON (gcc Compiler Version 4.4.0) Android 2.2 running on Qualcomm QSD8250 (ARMv7) with NEON (gcc Compiler Version 4.4.0) Microsoft Windows 7 (32 bit) running on Intel Celeron (Microsoft 32 bit C/C++ Optimizing Compiler Version 16.00) uCLinux 0.9.29 running on ARM 922T (ARMv4) (gcc Compiler Version 4.2.1) Fedora 14 running on Intel Core i5 with PAA (gcc Compiler Version 4.5.1) HP-UX 11i (32 bit) running on Intel Itanium 2 (HP C/aC++ B3910B) HP-UX 11i (64 bit) running on Intel Itanium 2 (HP C/aC++ B3910B) Ubuntu 10.04 running on Intel Pentium T4200 (gcc Compiler Version 4.1.3) Ubuntu 10.04 (32 bit) running on Intel Pentium T4200 (gcc Compiler Version 4.1.3) Ubuntu 10.04 (64 bit) running on Intel Pentium T4200 (gcc Compiler Version 4.1.3) Android 3.0 running on NVIDIA Tegra 250 T20 (ARMv7) (gcc Compiler Version 4.4.0) Linux 2.6.27 running on PowerPC e300c3 (gcc Compiler Version 4.2.4) Microsoft Windows 7 (64 bit) running on Intel Pentium 4 (Microsoft C/C++ Optimizing Compiler Version 16.00) Ubuntu 10.04 running on Intel Core i5 with PAA (32 bit) (gcc Compiler Version 4.1.3) Linux 2.6.33 running on PowerPC32 e300 (gcc Compiler Version 4.1.0) Android 2.2 running on OMAP 3530 (ARMv7) with NEON (gcc Compiler Version 4.1.0) VxWorks 6.8 running on TI TNETV1050 (MIPS) (gcc Compiler Version 4.1.2) Linux 2.6 running on Broadcom BCM11107 (ARMv6) (gcc Compiler Version 4.3.2) Linux 2.6 running on TI TMS320DM6446 (ARMv4) (gcc Compiler Version 4.3.2) Linux 2.6.32 running on TI AM3703CBP (ARMv7) (gcc Compiler Version 4.3.2) Oracle Solaris 10 (32 bit) running on SPARC-T3 (SPARCv9) (gcc Compiler Version3.4.3) Oracle Solaris 10 (64 bit) running on SPARC-T3 (SPARCv9) (gcc Compiler Version 3.4.3) Oracle Solaris 11 (32 bit) running on Intel Xeon 5675 (gcc Compiler Version 4.5.2) Oracle Solaris 11 (64 bit) running on Intel Xeon 5675 (gcc Compiler Version 4.5.2) Oracle Solaris 11 running on Intel Xeon 5675 with AESNI (32 bit) (gcc Compiler Version 4.5.2) Oracle Solaris 11 running on Intel Xeon 5675 with AESNI (64 bit) (gcc Compiler Version 4.5.2) Oracle Linux 5 (64 bit) running on Intel Xeon 5675 (gcc Compiler Version 4.1.2) CascadeOS 6.1 (32 bit) running on Intel Pentium T4200 (gcc Compiler Version 4.4.5) CascadeOS 6.1 (64 bit) running on Intel Pentium T4200 (gcc Compiler Version 4.4.5) Oracle Linux 5 running on Intel Xeon 5675 with PAA (gcc Compiler Version 4.1.2) Oracle Linux 6 running on Intel Xeon 5675 without PAA (gcc Compiler Version 4.4.6) Oracle Linux 6 running on Intel Xeon 5675 with PAA (gcc Compiler Version 4.4.6) Oracle Solaris 11 (32 bit) running on SPARC-T3 (SPARCv9) (Sun C Version 5.12) Oracle Solaris 11 (64 bit) running on SPARC-T3 (SPARCv9) (Sun C Version 5.12) Android 4.0 running on NVIDIA Tegra 250 T20 (ARMv7) (gcc Compiler Version 4.4.3) Apple iOS 5.1 running on ARMv7 (gcc Compiler Version 4.2.1) Microsoft Windows CE 6.0 running on ARMv5TEJ (Microsoft C/C++ Optimizing Compiler Version 15.00 for ARM) Microsoft Windows CE 5.0 running on ARMv7 (Microsoft C/C++ Optimizing Compiler Version 13.10 for ARM) Linux 2.6 running on Freescale PowerPCe500 (gcc Compiler Version 4.1.0) DSP Media Framework 1.4 running on TI C64x+ (TMS320C6x C/C++ Compiler v6.0.13) Android 4.0 running on TI OMAP 3 (ARMv7) with NEON (gcc Compiler Version 4.4.3) NetBSD 5.1 running on PowerPCe500 (gcc Compiler Version 4.1.3) NetBSD 5.1 running on Intel Xeon 5500 (gcc Compiler Version 4.1.3) Microsoft Windows 7 running on Intel Core i5- 2430M (64-bit) with PAA (Microsoft ® C/C++ Optimizing Compiler Version 16.00 for x64) Android 4.1 running on TI DM3730 (ARMv7) without NEON (gcc Compiler Version 4.6) Android 4.1 running on TI DM3730 (ARMv7) with NEON (gcc Complier Version 4.6) Android 4.2 running on Nvidia Tegra 3 (ARMv7) without NEON (gcc Compiler Version 4.6) Android 4.2 running on Nvidia Tegra 3 (ARMv7) with NEON (gcc Compiler Version 4.6) Windows Embedded Compact 7 running on Freescale i.MX53xA (ARMv7) with NEON (Microsoft C/C++ Optimizing Compiler Version 15.00.20720) Windows Embedded Compact 7 running on Freescale i.MX53xD (ARMv7) with NEON (Microsoft C/C++ Optimizing Compiler Version 15.00.20720) Android 4.0 running on Qualcomm Snapdragon APQ8060 (ARMv7) with NEON (gcc compiler Version 4.4.3) Apple OS X 10.7 running on Intel Core i7-3615QM (Apple LLVM version 4.2) Apple iOS 5.0 running on ARM Cortex A8 (ARMv7) with NEON (gcc Compiler Version 4.2.1) OpenWRT 2.6 running on MIPS 24Kc (gcc Compiler Version 4.6.3) QNX 6.4 running on Freescale i.MX25 (ARMv4) (gcc Compiler Version 4.3.3) Apple iOS 6.1 running on Apple A6X SoC (ARMv7s) (gcc Compiler Version 4.2.1) eCos 3 running on Freescale i.MX27 926ejs (ARMv5TEJ) (gcc Compiler Version 4.3.2) Vmware Horizon Workspace 1.5 under Vmware ESXi 5.0 running on Intel Xeon E3-1220 (x86) without PAA (gcc Compiler Version 4.5.1) Vmware Horizon Workspace 1.5 under Vmware ESXi 5.0 running on Intel Xeon E3-1220 (x86) with PAA (gcc Compiler Version 4.5.1)1 Ubuntu 13.04 running on AM335x Cortex-A8 (ARMv7) without NEON (gcc Compiler Version 4.7.3) Ubuntu 13.04 running on AM335x Cortex-A8 (ARMv7) with NEON (gcc Compiler Version 4.7.3) Linux 3.8 running on ARM926 (ARMv5TEJ) (gcc Compiler Version 4.7.3) Linux 3.4 under Citrix XenServer 6.2 running on Intel Xeon E5-2430L without PAA (gcc Compiler Version 4.8.0) Linux 3.4 under Citrix XenServer 6.2 running on Intel Xeon E5-2430L with PAA (gcc Compiler Version 4.8.0) Linux 3.4 under Vmware ESXi 5.1 running on Intel Xeon E5-2430L without PAA (gcc Compiler Version 4.8.0) Linux 3.4 under Vmware ESXi 5.1 running on Intel Xeon E5-2430L with PAA (gcc Compiler Version 4.8.0) Linux 3.4 under Microsoft Windows 2012 Hyper-V running on Intel Xeon E5-2430L without PAA (gcc Compiler Version 4.8.0) Linux 3.4 under Microsoft Windows 2012 Hyper-V running on Intel Xeon E5-2430L with PAA (gcc Compiler Version 4.8.0)2 iOS 6.0 running on Apple A5 / ARM Cortex-A9 (ARMv7) without NEON (gcc Compiler Version 4.2.1) iOS 6.0 running on Apple A5 / ARM Cortex-A9 (ARMv7) with NEON (gcc Compiler Version 4.2.1) PexOS 1.0 under vSphere ESXi 5.1 running on Intel Xeon E52430L without PAA (gcc Compiler Version 4.6.3) PexOS 1.0 under vSphere ESXi 5.1 running on Intel Xeon E52430L with PAA (gcc Compiler Version 4.6.3)3 Linux 2.6 running on Freescale e500v2 (PPC) (gcc Compiler Version 4.4.1) AcanOS 1.0 running on Intel Core i7-3612QE (x86) without PAA (gcc Compiler Version 4.6.2) AcanOS 1.0 running on Intel Core i7-3612QE (x86) with PAA (gcc Compiler Version 4.6.2) AcanOS 1.0 running on Feroceon 88FR131 (ARMv5) (gcc Compiler Version 4.5.3) FreeBSD 8.4 running on Intel Xeon E5440 (x86) without AESNI (gcc Compiler Version 4.2.1) FreeBSD 9.1 running on Xeon E5-2430L (x86) without AESNI (gcc Compiler Version 4.2.1) FreeBSD 9.1 running on Xeon E5-2430L (x86) with PAA (gcc Compiler Version 4.2.1) ArbOS 5.3 running on Xeon E5645 (x86) without PAA (gcc Compiler Version 4.1.2) Linux ORACLESP 2.6 running on ASPEED AST-Series (ARMv5) (gcc Compiler Version 4.4.5) Linux ORACLESP 2.6 running on Emulex PILOT3 (ARMv5) (gcc Compiler Version 4.4.5) ArbOS 5.3 running on Xeon E5645 (x86) with PAA (gcc Compiler Version 4.1.2) FreeBSD 9.2 running on Xeon E5-2430L (x86) without PAA (gcc Compiler Version 4.2.1) FreeBSD 9.2 running on Xeon E5-2430L (x86) with PAA (gcc Compiler Version 4.2.1) FreeBSD 10.0 running on Xeon E5-2430L (x86) without PAA (clang Compiler Version 3.3) FreeBSD 10.0 running on Xeon E5- 2430L (x86) with PAA (clang Compiler Version 3.3) FreeBSD 8.4 running on Intel Xeon E5440 (x86) 32-bit (gcc Compiler Version 4.2.1) Vmware Horizon Workspace 2.1 under vSphere ESXi 5.5 running on Intel Xeon E3-1220 (x86) without PAA (gcc Compiler Version 4.5.1) Vmware Horizon Workspace 2.1 under vSphere ESXi 5.5 running on Intel Xeon E3-1220 (x86) with PAA (gcc Compiler Version 4.5.1) QNX 6.5 running on Freescale i.MX25 (ARMv4) (gcc Compiler Version 4.3.3) Apple iOS 7.1 64- bit running on Apple A7 (ARMv8) without NEON (clang Compiler Version 5.1) Apple iOS 7.1 64-bit running on Apple A7 (ARMv8) with NEON (clang Compiler Version 5.1) TS-Linux 2.4 running on Arm920Tid (ARMv4) (gcc Compiler Version 4.3.2)4 iOS 8.1 64-bit running on Apple A7 (ARMv8) without NEON and Crypto Extensions (clang Compilerv Version 600.0.56) iOS 8.1 64-bit running on Apple A7 (ARMv8) with NEON and Crypto Extensions (clang Compiler Version 600.0.56) VxWorks 6.9 running on Freescale P2020 (PPC) (gcc Compiler Version 4.3.3) iOS 8.1 32-bit running on Apple A7 (ARMv8) without NEON (clang Compiler Version 600.0.56) iOS 8.1 32-bit running on Apple A7 (ARMv8) with NEON (clang Compiler Version 600.0.56) Android 5.0 32-bit running on Qualcomm APQ8084 (ARMv7) without NEON (gcc Compiler Version 4.9) Android 5.0 32-bit running on Qualcomm APQ8084 (ARMv7) with NEON (gcc Compiler Version 4.9) Android 5.0 64-bit running on SAMSUNG Exynos7420 (ARMv8) without NEON and Crypto Extensions (gcc Compiler Version 4.9) Android 5.0 64-bit running on SAMSUNG Exynos7420 (ARMv8) with NEON and Crypto Extensions (gcc Compiler Version 4.9) (singleusermode) -FIPS Approved algorithms: AES (Certs. #1884, #2116, #2234, #2342, #2394, #2484, #2824, #2929, #3090 and #3264); DRBG (Certs. #157, #229, #264, #292, #316, #342, #485, #540, #607 and #723); DSA (Certs. #589, #661, #693, #734, #748, #764, #853, #870, #896 and #933); HMAC (Certs. #1126, #1288, #1363, #1451, #1485, #1526, #1768, #1856, #1937 and #2063); RSA (Certs. #960, #1086, #1145, #1205, #1237, #1273, #1477, #1535, #1581 and #1664); SHS (Certs. #1655, #1840, #1923, #2019, #2056, #2102, #2368, #2465, #2553 and #2702); Triple-DES (Certs. #1223, #1346, #1398, #1465, #1492, #1522, #1695, #1742, #1780 and #1853); ECDSA (Certs. #264, #270, #315, #347, #378, #383, #394, #413, #496, #528, #558 and #620); CVL (Certs. #10, #12, #24, #36, #49, #53, #71, #85, #260, #331, #372 and #472) -Other algorithms: EC Diffie-Hellman; RSA (encrypt/decrypt); RNG Multi-chip standalone "The OpenSSL FIPS Object Module 2.0 is a general purpose cryptographic module delivered as open source code. It is designed for ease of use with the popular OpenSSL cryptographic library and toolkit and is available for use without charge for a wide variety of platforms. The basic validation can also be extended quickly and affordably to accommodate new platforms and many types of modifications." |
1746 | Thales e-Security Inc. 900 South Pine Island Road Suite 710 Plantation, FL 33324 USA sales@thalesesec.com TEL: 888-744-4976 CST Lab: NVLAP 200426-0 | nShield F3 4000 [1], nShield F3 2000 [2], nShield F3 2000 for NetHSM [3], nShield F3 500 [4] and nShield F3 500 for NetHSM [5] (Hardware Versions: nC4033P-4K0 [1], nC4033P-2K0 [2], nC4033P-2K0N [3], nC4033P-500 [4] and nC4033P-500N [5], Build Standard N; Firmware Versions: 2.50.16-2, 2.51.10-2, 2.50.35-2 and 2.55.1-2) (When operated in FIPS mode and initialized to Overall Level 2 per Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 06/25/2012 03/08/2013 08/16/2013 11/16/2015 | 11/15/2020 | Overall Level: 2 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 +EFP -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS Approved algorithms: AES (Cert. #1579); Triple-DES (Certs. #132 and #1035); HMAC (Cert. #925); Triple-DES MAC (Triple-DES Cert. #1035, vendor affirmed); SHS (Cert. #1398); DSA (Cert. #487); ECDSA (Cert. #192); RSA (Certs. #770 and #1092); DRBG (Cert. #72); CVL (Cert. #1) -Other algorithms: ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength) Multi-chip embedded "The nShield modules: nShield F3 4000, nShield F3 2000, nShield F3 2000 for netHSM, nShield F3 500, and nShield F3 500 for netHSM family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." |
1744 | Thales e-Security Inc. 900 South Pine Island Road Suite 710 Plantation, FL 33324 USA sales@thalesesec.com TEL: 888-744-4976 CST Lab: NVLAP 200426-0 | MiniHSM [1], MiniHSM for nShield Edge [2] and MiniHSM for Time Stamp Master Clock [3] (Hardware Versions: nC4031Z-10 [1], nC3021U-10 [2] and TSMC200 [3], Build Standard N; Firmware Versions: 2.50.17-2, 2.51.10-2, 2.50.35-2 and 2.55.1-2) (When operated in FIPS mode and initialized to Overall Level 2 per Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 06/25/2012 08/16/2013 10/25/2013 10/31/2015 | 10/30/2020 | Overall Level: 2 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS Approved algorithms: AES (Cert. #1770); Triple-DES (Cert. #1146); HMAC (Cert. #1039); Triple-DES MAC (Triple-DES Cert. #1146, vendor affirmed); SHS (Cert. #1554); DSA (Cert. #553); ECDSA (Cert. #238); RSA (Cert. #886); DRBG (Cert. #120); CVL (Cert. #6) -Other algorithms: ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength) Multi-chip embedded "The MiniHSM, MiniHSM for nShield Edge and MiniHSM for Time Stamp Master Clock are fully featured HSMs supplied in a single chip package. The MiniHSM Modules offer all the security and key management features of other nShield modules - but with reduced processing speed. The MiniHSM modules are OEM parts and will be included within other appliances or products, for example switches or routers. The MiniHSM modules have a real time clock which also makes them suitable for use as a time-stamping engine." |
1743 | Thales e-Security Inc. 900 South Pine Island Road Suite 710 Plantation, FL 33324 USA sales@thalesesec.com TEL: 888-744-4976 CST Lab: NVLAP 200426-0 | nShield F2 6000e [1], nShield F2 1500e [2], nShield F2 500e [3] and nShield F2 10e [4] (Hardware Versions: nC3023E-6K0 [1], nC3023E-1K5 [2], nC3023E-500 [3] and nC3023E-010 [4], Build Standard N; Firmware Versions: 2.50.16-2, 2.51.10-2, 2.50.35-2 and 2.55.1-2) (When operated in FIPS mode and initialized to Overall Level 2 per Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 06/25/2012 03/08/2013 08/16/2013 11/16/2015 | 11/15/2020 | Overall Level: 2 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -Design Assurance: Level 3 -FIPS Approved algorithms: AES (Certs. #397 and #1579); Triple-DES (Certs. #435 and #1035); HMAC (Cert. #925); Triple-DES MAC (Triple-DES Cert. #1035, vendor affirmed); SHS (Cert. #1398); DSA (Cert. #487); ECDSA (Cert. #192); RSA (Certs. #770 and #1092); DRBG (Cert. #72); CVL (Cert. #1) -Other algorithms: ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength) Multi-chip embedded "The nCipher modules: nShield F2 6000e, Shield F2 1500e, nShield F2 500e, and nShield 10e family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nCipher modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." |
1742 | Thales e-Security Inc. 900 South Pine Island Road Suite 710 Plantation, FL 33324 USA sales@thalesesec.com TEL: 888-744-4976 CST Lab: NVLAP 200426-0 | nShield F3 6000e [1], nShield F3 1500e [2], nShield F3 500e [3], nShield F3 10e [4], nShield F3 6000e for nShield Connect [5], nShield F3 1500e for nShield Connect [6] and nShield F3 500e for nShield Connect [7] (Hardware Versions: nC4033E-6K0 [1], nC4033E-1K5 [2], nC4033E-500 [3], nC4033E-030 [4], nC4033E-6K0N [5], nC4033E-1K5N [6] and nC4033E-500N [7], Build Standard N; Firmware Versions: 2.50.16-3, 2.51.10-3, 2.50.35-3 and 2.55.1-3) (When operated in FIPS mode and initialized to Overall Level 3 per Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 06/25/2012 03/08/2013 08/16/2013 11/16/2015 | 11/15/2020 | Overall Level: 3 -FIPS Approved algorithms: AES (Certs. #397 and #1579); Triple-DES (Certs. #435 and #1035); HMAC (Cert. #925); Triple-DES MAC (Triple-DES Cert. #1035, vendor affirmed); SHS (Cert. #1398); DSA (Cert. #487); ECDSA (Cert. #192); RSA (Certs. #770 and #1092); DRBG (Cert. #72); CVL (Cert. #1) -Other algorithms: ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength) Multi-chip embedded "The nShield modules: nShield F3 6000e, nShield F3 1500e, nShield F3 500e, nShield F3 10e, nShield F3 6000e for nShield Connect, nShield F3 1500e for nShield Connect and nShield F3 500e for nShield Connect family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." |
1741 | Thales e-Security Inc. 900 South Pine Island Road Suite 710 Plantation, FL 33324 USA sales@thalesesec.com TEL: 888-744-4976 CST Lab: NVLAP 200426-0 | nShield F3 500 [1], nShield F3 500 for NetHSM [2] and nShield F3 10 PCI [3] (Hardware Versions: nC4033P-500 [1], nC4033P-500N [2] and nC4033P-30 [3], Build Standard N; Firmware Versions: 2.50.16-3, 2.51.10-3, 2.50.35-3 and 2.55.1-3) (When operated in FIPS mode and initialized to Overall Level 3 per Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 06/25/2012 03/08/2013 08/16/2013 11/16/2015 | 11/15/2020 | Overall Level: 3 -FIPS Approved algorithms: AES (Certs. #962 and #1579); Triple-DES (Certs. #757 and #1035); HMAC (Cert. #925); Triple-DES MAC (Triple-DES Cert. #1035, vendor affirmed); SHS (Cert. #1398); DSA (Cert. #487); ECDSA (Cert. #192); RSA (Certs. #770 and #1092); DRBG (Cert. #72); CVL (Cert. #1) -Other algorithms: ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength) Multi-chip embedded "The nShield modules: nShield F3 500, Shield F3 500 for NetHSM, and nShield F3 10 family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." |
1740 | Thales e-Security Inc. 900 South Pine Island Road Suite 710 Plantation, FL 33324 USA sales@thalesesec.com TEL: 888-744-4976 CST Lab: NVLAP 200426-0 | nShield F2 500 [1] and nShield F2 10 PCI [2] (Hardware Versions: nC3023P-500 [1] and nC3023P-10 [2], Build Standard N; Firmware Versions: 2.50.16-2, 2.51.10-2, 2.50.35-2 and 2.55.1-2) (When operated in FIPS mode and initialized to Overall Level 2 per Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 06/25/2012 03/08/2013 08/16/2013 11/16/2015 | 11/15/2020 | Overall Level: 2 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -Design Assurance: Level 3 -FIPS Approved algorithms: AES (Certs. #962 and #1579); Triple-DES (Certs. #757 and #1035); HMAC (Cert. #925); Triple-DES MAC (Triple-DES Cert. #1035, vendor affirmed); SHS (Cert. #1398); DSA (Cert. #487); ECDSA (Cert. #192); RSA (Certs. #770 and #1092); DRBG (Cert. #72); CVL (Cert. #1) -Other algorithms: ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength) Multi-chip embedded "The nShield modules: nShield F2 500 & nShield F2 10 PCI family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." |
1739 | Thales e-Security Inc. 900 South Pine Island Road Suite 710 Plantation, FL 33324 USA sales@thalesesec.com TEL: 888-744-4976 CST Lab: NVLAP 200426-0 | MiniHSM [1], MiniHSM for nShield Edge [2] and MiniHSM for Time Stamp Master Clock [3] (Hardware Versions: nC4031Z-10 [1], nC4031U-10 [2] and TSMC200 [3], Build Standard N; Firmware Versions: 2.50.17-3, 2.51.10-3, 2.50.35-3 and 2.55.1-3) (When operated in FIPS mode and initialized to Overall Level 3 per Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 06/25/2012 08/16/2013 10/25/2013 10/28/2015 | 10/27/2020 | Overall Level: 3 -FIPS Approved algorithms: AES (Cert. #1770); Triple-DES (Cert. #1146); HMAC (Cert. #1039); Triple-DES MAC (Triple-DES Cert. #1146, vendor affirmed); SHS (Cert. #1554); DSA (Cert. #553); ECDSA (Cert. #238); RSA (Cert. #886); DRBG (Cert. #120); CVL (Cert. #6) -Other algorithms: ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength) Multi-chip embedded "The MiniHSM, MiniHSM for nShield Edge and MiniHSM for Time Stamp Master Clock are fully featured HSMs supplied in a single chip package. The MiniHSM Modules offer all the security and key management features of other nShield modules - but with reduced processing speed. The MiniHSM modules are OEM parts and will be included within other appliances or products, for example switches or routers. The MiniHSM modules have a real time clock which also makes them suitable for use as a time-stamping engine." |
1738 | Thales e-Security Inc. 900 South Pine Island Road Suite 710 Plantation, FL 33324 USA sales@ncipher.com TEL: 888-744-4976 CST Lab: NVLAP 200426-0 | nToken (Hardware Versions: nC2023P-000, Build Standard N; Firmware Versions: 2.50.16-2 and 2.50.35-2) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 06/25/2012 11/24/2015 | 11/23/2020 | Overall Level: 2 -Physical Security: Level 3 -EMI/EMC: Level 3 -FIPS Approved algorithms: AES (Cert. #1579); HMAC (Cert. #925); SHS (Cert. #1398); DSA (Cert. #487); DRBG (Cert. #72) -Other algorithms: N/A Multi-chip embedded "The nToken Hardware Security Module improves the security of cryptographic keys, security sensitive software applications and increases server throughput of secure transactions in Public Key Infrastructure and other high integrity applications such as: Certificate Authorities, Registration Authorities, Government and Financial Institutions." |
1737 | Thales e-Security Inc. 900 South Pine Island Road Suite 710 Plantation, FL 33324 USA sales@thalesesec.com TEL: 888-744-4976 CST Lab: NVLAP 200426-0 | nShield F2 4000 [1], nShield F2 2000 [2] and nShield F2 500 [3] (Hardware Versions: nC3023P-4K0 [1], nC3023P-2K0 [2] and nC3023P-500 [3], Build Standard N; Firmware Versions: 2.50.16-2, 2.51.10-2, 2.50.35-2 and 2.55.1-2) (When operated in FIPS mode and initialized to Overall Level 2 per Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 06/25/2012 03/08/2013 08/16/2013 11/16/2015 | 11/15/2020 | Overall Level: 2 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -Design Assurance: Level 3 -FIPS Approved algorithms: AES (Cert. #1579); Triple-DES (Certs. #132 and #1035); HMAC (Cert. #925); Triple-DES MAC (Triple-DES Cert. #1035, vendor affirmed); SHS (Cert. #1398); DSA (Cert. #487); ECDSA (Cert. #192); RSA (Certs. #770 and #1092); DRBG (Cert. #72); CVL (Cert. #1) -Other algorithms: ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength) Multi-chip embedded "The nShield modules: nShield F2 4000, nShield F2 2000, and nShield F2 500 family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." |
1736 | Blue Coat® Systems, Inc. 420 N. Mary Avenue Sunnyvale, CA 94085 USA Wendi Ittah TEL: 703-399-0535 CST Lab: NVLAP 200928-0 | ProxySG 600-10 [1], 600-20 [2] and 600-35 [3] (Hardware Versions: 090-02911 [1], 090-02912 [1], 090-02913 [2], 090-02914 [2], 090-02915 [3] and 090-02916 [3] with FIPS kit 085-02762; Firmware Version: 6.1 or 6.1.5.5) (When operated in FIPS mode with the tamper evident seals and opacity baffles installed as indicated in the Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 06/21/2012 07/24/2012 08/07/2012 01/04/2013 | 1/3/2018 | Overall Level: 2 -FIPS Approved algorithms: AES (Certs. #105 and #1875); Triple-DES (Certs. #217 and #1218); RSA (Cert. #956); SHS (Cert. #1648); HMAC (Cert. #1120); DRBG (Cert. #153) -Other algorithms: RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength) Multi-chip standalone "The foundation of Blue Coat's application delivery infrastructure, Blue Coat ProxySG appliances establish points of control that accelerate and secure business applications for users across the distributed organization. Blue Coat appliances serve as an Internet proxy and wide area network (WAN) optimizer. The purpose of the appliances is to provide a layer of security between an Internal and External Network (typically an office network and the Internet) and to provide acceleration and compression of transmitted data. ProxySG 600 is one of several appliance lines offered by Blue Coat" |
1733 | Thales e-Security Inc. 900 South Pine Island Road Suite 710 Plantation, FL 33324 USA sales@thalesesec.com TEL: 888-744-4976 CST Lab: NVLAP 200426-0 | nShield F3 6000e [1], nShield F3 1500e [2], nShield F3 500e [3], nShield F3 10e [4], nShield F3 6000e for nShield Connect [5], nShield F3 1500e for nShield Connect [6] and nShield F3 500e for nShield Connect [7] (Hardware Versions: nC4033E-6K0 [1], nC4033E-1K5 [2], nC4033E-500 [3], nC4033E-030 [4], nC4033E-6K0N [5], nC4033E-1K5N [6] and nC4033E-500N [7], Build Standard N; Firmware Versions: 2.50.16-2, 2.51.10-2, 2.50.35-2 and 2.55.1-2) (When operated in FIPS mode and initialized to Overall Level 2 per Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 06/20/2012 03/08/2013 08/16/2013 11/16/2015 | 11/15/2020 | Overall Level: 2 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS Approved algorithms: AES (Certs. #397 and #1579); Triple-DES (Certs. #435 and #1035); HMAC (Cert. #925); Triple-DES MAC (Triple-DES Cert. #1035, vendor affirmed); SHS (Cert. #1398); DSA (Cert. #487); ECDSA (Cert. #192); RSA (Certs. #770 and #1092); DRBG (Cert. #72); CVL (Cert. #1) -Other algorithms: ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strengh; non-compliant less than 112 bits of encryption strength) Multi-chip embedded "The nShield modules: nShield F3 6000e, nShield F3 1500e, nShield F3 500e, nShield F3 10e, nShield F3 6000e for nShield Connect, nShield F3 1500e for nShield Connect and nShield F3 500e for nShield Connect family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." |
1729 | Certicom Corp. 4701 Tahoe Blvd. Building A Mississauga, Ontario L4W 0B5 Canada Certicom Support TEL: 905-507-4220 Certicom Sales TEL: 905-507-4220 FAX: 905-507-4230 CST Lab: NVLAP 200928-0 | Security Builder® FIPS Module (Software Versions: 6.0, 6.0.2 and 6.0.3) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 06/08/2012 10/31/2014 12/31/2014 05/08/2015 12/03/2015 03/15/2016 05/25/2016 | 5/24/2021 | Overall Level: 1 -Tested Configuration(s): QNX Neutrino 6.6 QNX Neutrino 6.5 Red Hat Linux AS 5.6 Windows 7 Enterprise 64 bit Windows Phone 8.0 Android 4.4.2 Android 4.0.4 iOS version 6.1.4 Android 5.0.1 iOS 8.0 Windows 7 Enterprise 32 bit CentOS Linux Release 7.1 64-bit Mac OS X Yosemite 10.10.4 Mac OS X El Capitan 10.11.4 (single-user mode) -FIPS Approved algorithms: Triple-DES (Certs. #1159, #1773 and #2164); AES (Certs. #1789, #3029 and 3946); SHS (Certs. #1571, #2530 and #3256); HMAC (Certs. #1054, #1914 and #2571); DRBG (Certs. #127, #579 and #1151); DSA (Certs. #563, #891 and #1076); ECDSA (Certs. #242, #553 and #866); RSA (Certs. #894, #1574 and #2017); KAS (Certs. #25, #50 and #79); CVL (Certs. #7, #367 and #789) -Other algorithms: DES; DESX; AES CCM* (non-compliant); AES-XCBC-MAC (non-compliant); AES EAX (non-compliant); AES MMO (non-compliant); ARC2; ARC4; MD2; MD4; MD5; HMAC-MD5; ECNR; ECQV; ECPVS; ECIES; ECSPEKE; RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112-bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides less than 80 bits of encryption strength; non-compliant); RNG; Dual EC DRBG Multi-chip standalone "The Security Builder® FIPS Module is a standards-based cryptographic toolkit that supports optimized Elliptic Curve Cryptography and provides application developers with sophisticated tools to flexibly integrate encryption, digital signatures and other security mechanisms into both mobile and server-based applications. The Security Builder FIPS Module is part of the Certicom Security Architecture, a comprehensive cross-platform security solution which supports multiple cryptographic software and hardware providers with a single common API." |
1725 | Francotyp-Postalia GmbH Triftweg 21-26 Birkenwerder D-16547 Germany Dirk Rosenau TEL: +49-3303-525-616 FAX: +49-3303-525-609 Hasbi Kabacaoglu TEL: +49-3303-525-656 FAX: +49-3303-525-609 CST Lab: NVLAP 100432-0 | Postal mRevenector DE 2011 (Hardware Version: 580036020300/01; Firmware Version: Bootloader: 90.0036.0201.00/2011485001; Software-Loader: 90.0036.0206.00/2011485001; FRANKIT-Application: 90.0036.0204.00/2012095001) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 05/29/2012 01/22/2013 03/13/2015 | 3/12/2020 | Overall Level: 3 -Physical Security: Level 3 +EFP/EFT -FIPS Approved algorithms: AES (Cert. #1493); DRBG (Cert. #61); DSA (Cert. #522); HMAC (Cert. #878); KAS (Cert. #16); RSA (Certs. #732 and #785); SHS (Cert. #1346); Triple-DES (Cert. #1122) -Other algorithms: NDRNG; RSA (key wrapping; key establishment methodology provides 80 bits of encryption strength; non-compliant) Multi-chip embedded "The Francotyp-Postalia Postal mRevenector DE 2011 employs strong encryption, decryption, and digital signature techniques for the protection of customer revenues in Francotyp-Postalia's mail handlers. The Postal mRevenector DE 2011 has been designed in compliance with the Deutsche Post (DPAG), FRANKIT Specification." |
1722 | Francotyp-Postalia GmbH Triftweg 21-26 Birkenwerder D-16547 Germany Dirk Rosenau TEL: +49-3303-525-616 FAX: +49-3303-525-609 CST Lab: NVLAP 100432-0 | Postal mRevenector US 2011 (Hardware Version: 580036020300/01; Firmware Version: Bootloader: 90.0036.0201.00/2011485001; Software-Loader: 90.0036.0206.00/2011485001; IBIP Application: 90.0036.0203.00/2011485001) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 05/23/2012 01/22/2013 | 1/21/2018 | Overall Level: 3 -Physical Security: Level 3 +EFP/EFT -FIPS Approved algorithms: AES (Cert. #1493); DRBG (Cert. #61); DSA (Cert. #522); ECDSA (Cert. #184); HMAC (Cert. #878); KAS (Cert. #16); RSA (Certs. #732 and #785); SHS (Cert. #1346); Triple-DES (Cert. #1122) -Other algorithms: NDRNG Multi-chip embedded "The Francotyp-Postalia Postal mRevenector US 2011 employs strong encryption, decryption, and digital signature techniques for the protection of customer revenues in Francotyp-Postalia's mail handlers. The Postal mRevenector US 2011 has been designed in compliance with the United States Postal Services (USPS), Information-Based Indicia Program (IBIP)." |
1717 | Cisco Systems, Inc. 170 West Tasman Drive San Jose, CA 95134 USA Global Certification Team CST Lab: NVLAP 200427-0 | Cisco Catalyst 6506-E [1], Catalyst 6509-E [2] and Catalyst 6513-E [3] Switches with Supervisor Cards (VS-S2T-10G or VS-S2T-10G-XL) and Line Cards (WS-X6908-10G or WS-X6908-10G-2TXL) (Hardware Versions: 6506-E -M0 [1], 6509-E -N0 [2], 6513-E -S0 [3], Supervisor Card VS-S2T-10G -B0, Supervisor Card VS-S2T-10G-XL -C0, Line Card WS-X6908-10G -A0, Line Card WS-X6908-10G-2TXL version -B0 and FIPS kit packaging (CVPN6500FIPS/KIT=); Firmware Version: 15.0(1)SY2) (When operated in FIPS mode and when tamper evident labels and security devices are installed on the initially built configuration as indicated in the Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 05/03/2012 12/21/2012 | 12/20/2017 | Overall Level: 2 -Roles, Services, and Authentication: Level 3 -Design Assurance: Level 3 -FIPS Approved algorithms: AES (Certs. #1426, #1427 and #1816); DRBG (Cert. #140); HMAC (Cert. #1072); RSA (Cert. #911); SHS (Cert. #1593); Triple-DES (Cert. #1171) -Other algorithms: DES; HMAC-MD5; MD5; RC4; Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); AES (Cert. #1816, key wrapping; key establishment methodology provides 256 bits of encryption strength) Multi-chip standalone "The Catalyst 6500 series switches offer versatility, integration, and security to branch offices. With numerous network modules and service modules available, the modular architecture of the Cisco switches easily allows interfaces to be upgraded to accommodate network expansion. The Catalyst 6500 series switches provide a scalable, secure, manageable remote access server that meets FIPS 140-2 Level 2 requirements." |
1712 | Kanguru Solutions 1360 Main Street Millis, MA 02054 USA Nate Cote TEL: 508-376-4245 FAX: 508-376-4462 CST Lab: NVLAP 200802-0 | Kanguru Defender 2000 (Hardware Versions: P/Ns KDF2000-2G, KDF2000-4G and KDF2000-8G, Version 1.0; Firmware Version: 2.03.10) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 05/03/2012 12/21/2012 | 12/20/2017 | Overall Level: 2 -Cryptographic Module Specification: Level 3 -Roles, Services, and Authentication: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS Approved algorithms: HMAC (Cert. #954); AES (Cert. #1623); SHS (Cert. #1432); RSA (Cert. #801); DRBG (Cert. #86); PBKDF (vendor affirmed) -Other algorithms: NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength) Multi-chip standalone "The Kanguru Defender 2000 is a 256-bit AES hardware encrypted USB flash drive. It is used to securely store sensitive data housed on the device." |
1711 | Athena Smartcard Inc. 16615 Lark Avenue Suite 202 Los Gatos, CA 95032 USA Stéphanie Motré TEL: 408-786-1028 FAX: 408-608-1818 CST Lab: NVLAP 100432-0 | IDProtect with LASER PKI (Hardware Version: Inside Secure AT90SC28872RCU Rev. G; Firmware Version: Athena IDProtect 010B.0352.0005 with LASER PKI Applet 3.0) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 04/30/2012 04/12/2013 05/28/2014 | 5/27/2019 | Overall Level: 3 -FIPS Approved algorithms: AES (Cert. #1654); RSA (Cert. #824); Triple-DES (Cert. #1087); Triple-DES MAC (Triple-DES Cert. #1087, vendor affirmed); DRBG (Cert. #98); SHS (Cert. #1465); ECDSA (Cert. #214); CVL (Cert. #2) -Other algorithms: HW RNG; AES-CMAC (non-compliant); EC Diffie-Hellman; AES (Cert. #1654, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength) Single-chip "IDProtect is a Cryptographic Module based on the Athena OS755 Java Card smart card operating system with 72KB of EEPROM. IDProtect is compliant with the latest Java Card 2.2.2 and GlobalPlatform 2.1.1 specifications and is validated to FIPS 140-2 Level 3. IDProtect supports FIPS approved DRBG, SHA-1 and all SHA-2, TDES, AES, RSA, ECDSA and ECC CDC, and RSA and ECC key generation. IDProtect exposes PKI and Biometric APIs and is designed for high-performance government and enterprise smart card applications." |
1708 | Thales e-Security Inc. 900 South Pine Island Road Suite 710 Plantation, FL 33324 USA sales@thalesesec.com TEL: 888-744-4976 CST Lab: NVLAP 200426-0 | nShield F3 4000 [1], nShield F3 2000 [2], nShield F3 2000 for NetHSM [3], nShield F3 500 [4] and nShield F3 500 for NetHSM [5] (Hardware Versions: nC4033P-4K0 [1], nC4033P-2K0 [2], nC4033P-2K0N [3], nC4033P-500 [4] and nC4033P-500N [5], Build Standard N; Firmware Versions: 2.50.16-3, 2.51.10-3, 2.50.35-3 and 2.55.1-3) (When operated in FIPS mode and initialized to Overall Level 3 per Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 04/27/2012 03/08/2013 08/16/2013 11/16/2015 | 11/15/2020 | Overall Level: 3 -Physical Security: Level 3 + EFP -FIPS Approved algorithms: AES (Cert. #1579); Triple-DES (Certs. #132 and #1035); HMAC (Cert. #925); Triple-DES MAC (Triple-DES Cert. #1035, vendor affirmed); SHS (Cert. #1398); DSA (Cert. #487); ECDSA (Cert. #192); RSA (Certs. #770 and #1092); DRBG (Cert. #72); CVL (Cert. #1) -Other algorithms: ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength) Multi-chip embedded "The nShield modules: nCipher 4000, nShield 2000, nShield 2000 for NetHSM, nShield 500, and nShield 500 for NetHSM family of secure e-commerce HSM's are multi-tasking hardware modules that is optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 3 embedded devices. The units are identical in operation and only vary in the processing speed." |
1705 | Thales e-Security Inc. 900 South Pine Island Road Suite 710 Plantation, FL 33324 USA sales@thalesesec.com TEL: 888-744-4976 CST Lab: NVLAP 200426-0 | nShield F3 500 PCI [1], nShield F3 500 for NetHSM [2] and nShield F3 10 PCI [3] (Hardware Versions: nC4033P-500 [1], nC4033P-500N [2] and nC4033P-30 [3], Build Standard N; Firmware Versions: 2.50.16-2, 2.51.10-2, 2.50.35-2 and 2.55.1-2) (When operated in FIPS mode and initialized to Overall Level 2 per Security Policy) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 04/12/2012 03/08/2013 08/09/2013 11/16/2015 | 11/15/2020 | Overall Level: 2 -Roles, Services, and Authentication: Level 3 -Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS Approved algorithms: AES (Certs. #962 and #1579); Triple-DES (Certs. #757 and #1035); HMAC (Cert. #925); Triple-DES MAC (Triple-DES Cert. #1035, vendor affirmed); SHS (Cert. #1398); DSA (Cert. #487); ECDSA (Cert. #192); RSA (Certs. #770 and #1092); DRBG (Cert. #72); CVL (Cert. #1) -Other algorithms: ARC4; Aria; Camellia; CAST-6; DES; MD5; SEED; HMAC-MD5; HMAC-Tiger; HMAC-RIPEMD160; RIPEMD-160; Tiger; El-Gamal; KCDSA; HAS-160; AES (Cert. #1579, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Triple-DES (Cert. #1035, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (key wrapping; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1, key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength; non-compliant less than 112 bits of encryption strength) Multi-chip embedded "The nShield modules: nShield F3 500, F3 500 for NetHSM, & nShield F3 10 family of secure e-commerce HSMs are multi-tasking hardware modules that are optimized for performing modular arithmetic on very large integers. The nShield modules are FIPS 140-2 level 2 embedded devices. The units are identical in operation and only vary in the processing speed." |
1702 | Entrust, Inc. One Lincoln Centre 5400 LBJ Freeway Suite 1340 Dallas, TX 75240 USA Entrust Sales CST Lab: NVLAP 100432-0 | Entrust Authority™ Security Kernel (Software Versions: 8.1sp1, 8.1sp1R2 and 8.1sp1R3) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Software | 04/12/2012 10/18/2013 05/28/2014 01/08/2016 08/29/2016 | 8/28/2021 | Overall Level: 2 -Tested Configuration(s): Tested as meeting Level 2 with Windows Server 2008 R2 Enterprise Edition running on Dell Optiplex 755 -FIPS Approved algorithms: AES (Certs. #1923 and #2631); HMAC (Certs. #1158 and #1628); SHS (Certs. #1689 and #2206); DRBG (Certs. #167 and #405); RSA (Certs. #992 and #1345); Triple-DES (Certs. #1253 and #1580); Triple-DES MAC (Triple-DES Cert. #1253, vendor affirmed); CVL (Certs. #15 and #111 and SP 800-135, vendor affirmed, key agreement); ECDSA (Certs. #275 and #454); DSA (Certs. #610 and #794) -Other algorithms: RSA (key wrapping; key establishment methodology provides between 80 and 128 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 80 or 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 80 and 256 bits of encryption strength); MD2; MD5; RMD-160; CAST; CAST3; CAST5; DES; IDEA; RC2; RC4; PAKE; AES-DAC; CAST-DAC; CAST3-DAC; CAST5-DAC; DES-DAC; IDEA-DAC; RC2-DAC; RNG (non-compliant) Multi-chip standalone "By managing the full lifecycles of digital certificate-based identities, Entrust Authority PKI enables encryption, digital signature and certificate authentication capabilities to be consistently and transparently applied across a broad range of applications and platforms." |
1694 | SafeNet, Inc. 20 Colonnade Dr, Suite 200 Ottawa, Ontario K2E 7M6 Canada Security and Certifications Team CST Lab: NVLAP 200427-0 | Luna® PCI-e Cryptographic Module (Hardware Versions: VBD-05-0100, VBD-05-0101 and VBD-05-0103; Firmware Version: 6.2.1) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 03/30/2012 09/27/2012 01/10/2017 06/23/2017 06/23/2017 | 1/9/2022 | Overall Level: 3 -FIPS Approved algorithms: AES (Certs. #1743, #1750 and #1756); DRBG (Cert. #114); DSA (Certs. #545, #546 and #548); ECDSA (Certs. #230, #231 and #233); HMAC (Certs. #1021 and #1027); KAS (Cert. #23); RSA (Certs. #865 and #870); SHS (Certs. #1531 and #1537); KKDF (SP 800-108, vendor affirmed); Triple-DES (Certs. #1130, #1134 and #1137); Triple-DES MAC (Triple-DES Certs. #1130, #1134 and #1137, vendor-affirmed) -Other algorithms: ARIA; AES (Certs. #1743, #1750 and #1756, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); AES MAC (Cert. #1750; non-compliant); CAST5; CAST5-MAC; DES; DES MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 128 bits of encryption strength); HAS-160; KCDSA; MD2; MD5; RC2; RC2-MAC; RC4; RC5; RC5-MAC; RSA (key wrapping; key establishment methodology provides between 112 and 152 bits of encryption strength; non-compliant less than 112 bits of encryption strength); SEED; Triple-DES (Certs. #1130, #1134 and #1137, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength) Multi-chip embedded "The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card." |
1693 | SafeNet, Inc. 20 Colonnade Drive, Suite 200 Ottawa, Ontario K2E 7M6 Canada Security and Certifications Team CST Lab: NVLAP 200427-0 | Luna® PCI-e Cryptographic Module (Hardware Versions: VBD-05-0100, VBD-05-0101 and VBD-05-0103; Firmware Version: 6.2.1) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy Vendor Product Link | Hardware | 03/28/2012 09/27/2012 01/10/2017 06/23/2017 06/23/2017 | 1/9/2022 | Overall Level: 2 -Physical Security: Level 3 -EMI/EMC: Level 3 -Design Assurance: Level 3 -FIPS Approved algorithms: AES (Certs. #1743, #1750 and #1756); DRBG (Cert. #114); DSA (Certs. #545, #546 and #548); ECDSA (Certs. #230, #231 and #233); HMAC (Certs. #1021 and #1027); KAS (Cert. #23); RSA (Certs. #865 and #870); SHS (Certs. #1531 and #1537); KKDF (SP800-108, vendor affirmed); Triple-DES (Certs. #1130, #1134 and #1137); Triple-DES MAC (Triple-DES Certs. #1130, #1134 and #1137, vendor-affirmed) -Other algorithms: ARIA; AES (Certs. #1743, #1750 and #1756, key wrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); AES MAC (Cert. #1750; non-compliant); CAST5; CAST5-MAC; DES; DES MAC; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 128 bits of encryption strength); HAS-160; KCDSA; MD2; MD5; RC2; RC2-MAC; RC4; RC5; RC5-MAC; RSA (key wrapping; key establishment methodology provides between 112 and 152 bits of encryption strength; non-compliant less than 112 bits of encryption strength); SEED; Triple-DES (Certs. #1130, #1134 and #1137, key wrapping; key establishment methodology provides 112 bits of encryption strength; non-compliant less than 112 bits of encryption strength) Multi-chip embedded "The Luna PCI-e cryptographic module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-e card." |
1674 | Avaya, Inc. 211 Mt. Airy Road Basking Ridge, NJ 07920 USA Dragan Grebovich TEL: 978-671-3476 CST Lab: NVLAP 200556-0 | Secure Router 4134 (Hardware Versions: Chassis: 4134, Interface Cards: 2-port T1/E1 Small Card (Assembly Number: 333-70225-01 Rev 4); 2-port Serial Small Card (Assembly Number: 333-70240-01 Rev 02.0011); 1-port ADSL2+ Annex A Small Card (Assembly Number: 333-70260-01 Rev 01); 1-port HSSI Medium Card (Part Number: 333-70290-01 Rev 9); 1-port Channelized / Clear Channel T3 Medium Card (Part Number: 333-70280-01 Rev 8); 8-port T1/E1 Medium Card (Part Number: 333-70275-01 Rev 01.0012); 10-port Gigabit Ethernet (GbE) Medium Card (Part Number: 333-70330-01 Rev 01.0023); 24-port Fast Ethernet (FE) Medium Card (Part Number: 333-70325-01 Rev 15); 24-port Fast Ethernet/Power over Ethernet (FE/PoE) Medium Card (Part Number: 333-70325-02 Rev 01.0017); Firmware Version: 10.3.0.100) (When operated in FIPS mode, the tamper evident seals are installed as indicated in the Security Policy and with all interface card slots filled or covered) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Hardware | 02/06/2012 01/01/2014 | 12/31/2018 | Overall Level: 2 -FIPS Approved algorithms: Triple-DES (Certs. #275 and #1050); AES (Certs. #173 and #1605); SHS (Cert. #1418); HMAC (Cert. #941); RSA (SigVer, Cert. #787); DSA (Cert. #496); DRBG (Cert. #79) -Other algorithms: DSA (Cert. #501; non-compliant); MD5; NDRNG; Blowfish; DES; Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 128 bits of encryption strength; non-compliant less than 112 bits of encryption strength); RSA (SigGen and KeyGen, Cert. #787; non-compliant) Multi-chip standalone "The Secure Router 4134 is a modular, multi-service branch router that combine IP routing, wide-area networking (WAN), voice/PSTN gateway and security services in a single platform. With advanced services - including IPv4/IPv6 routing, high-performance WAN, SIP survivable gateway, and IPSec VPN and firewall security - they are well-suited to address enterprise branch, regional and even headquarter WAN routing needs." |
1669 | Research In Motion Ltd. 295 Phillip Street Waterloo, Ontario N2L 3W8 Canada Certifications Team TEL: 519-888-7465 ext.72921 FAX: 519-886-4839 CST Lab: NVLAP 200928-0 | BlackBerry Cryptographic Kernel (Firmware Versions: 3.8.7.0 [1], 3.8.7.1 [1,2], 3.8.7.4 [2],3.8.7.5 [2] and 3.8.7.6 [2]) (When operated in FIPS mode) Validated to FIPS 140-2 Consolidated Validation Certificate Security Policy | Firmware | 01/19/2012 10/10/2012 | 10/9/2017 | Overall Level: 1 -Design Assurance: Level 3 -Tested: BlackBerry 9900 with BlackBerry OS Versions 7.0 [1] and 7.1 [2] -FIPS Approved algorithms: Triple-DES (Certs. #1163 and #1164); AES (Certs. #1798, #1799, #1800 and #1801); SHS (Certs. #1581 and #1582); HMAC (Certs. #1063 and #1064); RSA (Certs. #902 and #903); DRBG (Certs. #132 and #133); ECDSA (Certs. #244 and #245) -Other algorithms: EC Diffie-Hellman (key agreement; key establishment methodology provides 256 bits of encryption strength); ECMQV (key agreement; key establishment methodology provides 256 bits of encryption strength) Multi-chip standalone "BlackBerry is the leading wireless enterprise solution that allows users to stay connected with secure, wireless access to email, corporate data, phone, web and organizer features. BlackBerry is a totally integrated package that includes hardware, software and service, providing a complete end-to-end solution. The BlackBerry Cryptographic Kernel is the software module that provides the basic cryptographic functionality for the BlackBerry." |