Module Name
SafeNet PCIe Cryptographic Module for SafeNet IS
Validation Dates
10/15/2018
Caveat
When operated in FIPS mode and configured and initialized to Overall Level 3 per Security Policy
Embodiment
Multi-Chip Embedded
Description
SafeNet PCIe Cryptographic Module for SafeNet IS cryptographic module features powerful cryptographic processing and hardware key management for applications where performance and security are the priority. The multi-chip embedded hardware cryptographic module offers hardware-based key management and cryptographic operations to protect sensitive keys. The cryptographic boundary of the module is defined to encompass all components inside the secure enclosure on the PCI-E card.
FIPS Algorithms
AES |
Certs. #4849, #4960 and #4977 |
CKG |
vendor affirmed |
CVL |
Cert. #1577 |
DRBG |
Cert. #1704 |
DSA |
Certs. #1298, #1306 and #1307 |
ECDSA |
Certs. #1242, #1266 and #1270 |
HMAC |
Certs. #3306 and #3307 |
KAS |
Cert. #151 |
KBKDF |
Cert. #163 |
KTS |
AES Cert. #4977 and HMAC Cert. #3307; key establishment methodology provides between 128 and 256 bits of encryption strength |
RSA |
Certs. #2691 and #2692 |
SHS |
Certs. #3988 and #4050 |
Triple-DES |
Certs. #2552, #2573 and #2574 |
Allowed Algorithms
AES (Cert. #4977, key unwrapping; key establishment metholdogy provides between 128 and 256 bits of encryption strength); Diffie-Hellman (key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (key agreement; key establishment methodology provides between 112 and 256 bits of encryption strength); NDRNG; RSA (key wrapping; key establishment methodology provides between 112 and 150 bits of encryption strength); Triple-DES (Cert. #2574, key unwrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
VBD-05-0101; VBD-05-0102; and VBD-05-0103