U.S. flag   An unofficial archive of your favorite United States government website
This is an archive
(replace .gov by .rip)

Cryptographic Module Validation Program CMVP

Certificate #3209

Details

Module Name
SafeNet Backup Hardware Security Module
Standard
FIPS 140-2
Status
Active
Sunset Date
6/26/2023
Validation Dates
06/27/2018
Overall Level
3
Caveat
When operated in FIPS mode and initialized to Overall Level 3 per Security Policy
Module Type
Hardware
Embodiment
Multi-Chip Stand Alone
Description
The SafeNet Backup Hardware Security Module provides the same level of security as the SafeNet Network HSM and SafeNet PCI-E HSMs in a convenient, small, low-cost form factor. The SafeNet Backup HSM ensures that sensitive cryptographic material remains strongly protected in hardware even when not being used. One can easily back up and duplicate keys securely to the SafeNet Backup HSM for safekeeping in case of emergency, failure or disaster.
Tested Configuration(s)
  • N/A
FIPS Algorithms
AES Certs. #4849 and #5012
CKG vendor affirmed
CVL Cert. #1562
DRBG Cert. #1704
DSA Certs. #1298 and #1315
ECDSA Certs. #1242 and #1278
HMAC Certs. #3306 and #3330
KAS Cert. #154
KBKDF Cert. #164
KTS Cert. #5012; key establishment methodology provides between 128 and 256 bits of encryption strength
RSA Certs. #2691 and #2704
SHS Certs. #3988 and #4075
Triple-DES Certs. #2552 and #2585
Triple-DES MAC Triple-DES Certs. #2552 and #2585, vendor affirmed
Allowed Algorithms
AES (Certs. #4849 and #5012, key unwrapping; key establishment methodology provides between 128 and 256 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 or 128 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 152 bits of encryption strength); Triple-DES (Certs. #2552 and #2585, key unwrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
LTK-03, Version Code 0102 [1, 2] and LTK-03, Version Code 0103 [1, 2]
Firmware Versions
6.24.6 [1] and 6.24.7 [2]

Vendor

Gemalto
20 Colonnade Road
Ottawa, ON K2E 7M6
Canada

Security & Certifications Team
SecurityCertifications@gemalto.com

Lab

EWA CANADA
NVLAP Code: 200556-0