U.S. flag   An unofficial archive of your favorite United States government website

Computer Security Resource Center

Computer Security Resource Center

This is an archive
(replace .gov by .rip)
    Projects Cryptographic Module Validation Program Validated Modules Search

Cryptographic Module Validation Program CMVP

Certificate #3208

Details

Module Name
SafeNet PCIe Hardware Security Module and SafeNet PCIe Hardware Security Module for SafeNet Network HSM
Standard
FIPS 140-2
Status
Active
Sunset Date
6/25/2023
Validation Dates
06/26/2018
Overall Level
2
Caveat
When operated in FIPS mode and initialized to Overall Level 2 per Security Policy
Security Level Exceptions
  • Physical Security: Level 3
  • EMI/EMC: Level 3
  • Design Assurance: Level 3
Module Type
Hardware
Embodiment
Multi-Chip Embedded
Description
The SafeNet PCI-E Hardware Security Module is a multi-chip embedded hardware cryptographic module in the form of a PCI-Express card that typically resides within a custom computing or secure communications appliance. The cryptographic module is contained in its own secure enclosure that provides physical resistance to tampering. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-E card.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #4849, #4960 and #5021
CKG vendor affirmed
CVL Cert. #1565
DRBG Cert. #1704
DSA Certs. #1298, #1316 and #1317
ECDSA Certs. #1242, #1280 and #1281
HMAC Certs. #3306 and #3335
KAS Cert. #155
KBKDF Cert. #165
KTS AES Cert. #5021; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Certs. #2691 and #2706
SHS Certs. #3988 and #4080
Triple-DES Certs. #2552, #2573 and #2588
Triple-DES MAC Triple-DES Certs. #2552, #2573 and #2588, vendor affirmed
Allowed Algorithms
AES (Certs. #4849, #4960 and #5012, key unwrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 or 128 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 152 bits of encryption strength); Triple-DES (Certs. #2552, #2573 and #2588, key unwrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
VBD-05-0100 [1, 2], VBD-05-0101 [1, 2], VBD-05-0102 [1, 2] and VBD-05-0103 [1, 2]
Firmware Versions
6.24.6 [1] and 6.24.7 [2]

Vendor

Gemalto
20 Colonnade Road, Suite 200
Ottawa, ON K2E 7M6
Canada

Security & Certifications Team
SecurityCertifications@gemalto.com

Related Files

Security Policy
Consolidated Certificate

Lab

EWA CANADA
NVLAP Code: 200556-0