Module Name
CN6000 Series Encryptors
Validation Dates
07/09/2019
Caveat
When operated in FIPS mode and installed, activated, and configured per Security Policy section 8.3
Embodiment
Multi-Chip Stand Alone
Description
The CN6000 Series are high-speed hardware encryption platforms that secure data over optical and twisted-pair Ethernet and Fibre Channel networks. Models included are the CN6100 10G Ethernet; operating at a line rate of 10Gb/s and the CN6040 Ethernet and FC selectable model, operating at data rates up to 4Gb/s. Data privacy is provided by FIPS approved AES CFB and CTR algorithms. GCM is also available for applications that demand authentication. TRANSEC (aka Traffic Flow Security or TFS) can be used to remove patterns in network traffic and prevent traffic analysis.
FIPS Algorithms
AES |
Certs. #3347, #4398, #4399 and #4555 |
CKG |
vendor affirmed |
CVL |
Cert. #1236 |
DRBG |
Cert. #1505 |
ECDSA |
Cert. #1110 |
HMAC |
Cert. #3009 |
KAS |
Cert. #125 |
KTS |
vendor affirmed |
KTS |
AES Cert. #4555 and HMAC Cert. #3009; key establishment methodology provides between 128 and 256 bits of encryption strength |
RSA |
Cert. #2482 |
SHS |
Cert. #3733 |
Triple-DES |
Cert. #2426 |
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1236, key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1236, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
Senetas Corp. Ltd. CN6040 Series: A6040B (AC), A6041B (DC) and A6042B (AC/DC); Senetas Corp. Ltd. CN6100 Series: A6100B (AC), A6101B (DC) and A6102B (AC/DC); Senetas Corp. Ltd. & SafeNet Inc. CN6040 Series: A6040B (AC), A6041B (DC) and A6042B (AC/DC); Senetas Corp. Ltd. & SafeNet Inc. CN6100 Series: A6100B (AC), A6101B (DC) and A6102B (AC/DC)