Module Name
CN6000 Series Encryptors
Validation Dates
10/17/2017;12/08/2017;02/07/2018
Caveat
When operated in FIPS mode
Security Level Exceptions
- Cryptographic Module Ports and Interfaces: Level 3
- Roles, Services, and Authentication: Level 3
- Finite State Model: Level 3
- Physical Security: Level 3
- Operational Environment: Level 3
- EMI/EMC: Level 3
- Self-Tests: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: Level 3
Embodiment
Multi-Chip Stand Alone
Description
The CN6000 Series are high-speed hardware encryption platforms that secure data over optical and twisted-pair Ethernet and Fibre Channel networks. Models included are the CN6100 10G Ethernet; operating at a line rate of 10Gb/s and the CN6040 Ethernet and FC selectable model, operating at data rates up to 4Gb/s. Data privacy is provided by FIPS approved AES CFB and CTR algorithms. GCM is also available for applications that demand authentication. TRANSEC (aka Traffic Flow Security or TFS) can be used to remove patterns in network traffic and prevent traffic analysis.
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 150 bits of encryption strength)
Hardware Versions
Senetas Corp. Ltd. CN6040 Series: A6040B (AC), A6041B (DC) and A6042B (AC/DC); Senetas Corp. Ltd. CN6100 Series: A6100B (AC), A6101B (DC) and A6102B (AC/DC); Senetas Corp. Ltd. & SafeNet Inc. CN6040 Series: A6040B (AC), A6041B (DC) and A6042B (AC/DC); Senetas Corp. Ltd. & SafeNet Inc. CN6100 Series: A6100B (AC), A6101B (DC) and A6102B (AC/DC)
Firmware Versions
3.0.1 and 3.0.2