Module Name
CN Series Ethernet Encryptors
Validation Dates
10/19/2017;12/08/2017;02/07/2018
Caveat
When operated in FIPS mode
Security Level Exceptions
- Cryptographic Module Ports and Interfaces: Level 3
- Roles, Services, and Authentication: Level 3
- Finite State Model: Level 3
- Physical Security: Level 3
- Operational Environment: Level 3
- EMI/EMC: Level 3
- Self-Tests: Level 3
- Design Assurance: Level 3
- Mitigation of Other Attacks: Level 3
Embodiment
Multi-Chip Stand Alone
Description
The CN4010, CN4020, CN6010 and CN6140 are high-speed hardware encryption platforms that secure data over twisted-pair and optical Ethernet networks. The modules support line rates from 10Mb/s to 10Gb/s. The CN4020, CN6010 and CN6140 are equipped with pluggable transceivers to support a variety of optical network interfaces. Data privacy is provided by FIPS approved AES algorithms in CFB, CTR and GCM modes. Additional transmission security is provided via TRANSEC (Traffic Flow Security) which can be used to remove patterns in network traffic and prevent traffic analysis attacks.
Allowed Algorithms
Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides 112 or 150 bits of encryption strength)
Hardware Versions
Senetas Corp. Ltd. CN4000 Series: A4010B (DC), A4020B (DC); Senetas Corp. Ltd. CN6010 Series: A6010B (AC), A6011B (DC) and A6012B (AC/DC); Senetas Corp. Ltd. CN6140 Series: A6140B (AC), A6141B (DC) and A6142B (AC/DC); Senetas Corp. Ltd. & SafeNet Inc. CN4000 Series: A4010B (DC), A4020B (DC); Senetas Corp. Ltd. & SafeNet Inc. CN6010 Series: A6010B (AC), A6011B (DC) and A6012B (AC/DC); Senetas Corp. Ltd. & SafeNet Inc. CN6140 Series: A6140B (AC), A6141B (DC) and A6142B (AC/DC)
Firmware Versions
3.0.1 and 3.0.2