Module Name
CN9000 Series Encryptors
Validation Dates
07/09/2019
Caveat
When operated in FIPS mode and installed, activated, and configured per Security Policy section 8.3
Security Level Exceptions
- Mitigation of Other Attacks: N/A
Embodiment
Multi-Chip Stand Alone
Description
The CN9000 Series are high-speed hardware encryption platforms that secure data over optical Ethernet networks. The models included are the CN9100 and CN9120 100G Ethernet Encryptors, operating at line rates of 100Gb/s with pluggable transceivers to support a variety of optical network interfaces. Data privacy is provided by FIPS approved AES CTR algorithms.
FIPS Algorithms
| AES |
Certs. #4113, #4556 and #4557 |
| CKG |
vendor affirmed |
| CVL |
Cert. #1238 |
| DRBG |
Cert. #1506 |
| ECDSA |
Cert. #1111 |
| HMAC |
Cert. #3010 |
| KAS |
Cert. #126 |
| KTS |
vendor affirmed |
| KTS |
AES Cert. #4556 and HMAC Cert. #3010; key establishment methodology provides between 128 and 256 bits of encryption strength |
| RSA |
Cert. #2483 |
| SHS |
Cert. #3734 |
| Triple-DES |
Cert. #2427 |
Allowed Algorithms
Diffie-Hellman (CVL Cert. #1238, key agreement; key establishment methodology provides 112 bits of encryption strength); EC Diffie-Hellman (CVL Cert. #1238, key agreement; key establishment methodology provides between 128 and 256 bits of encryption strength); MD5; NDRNG; RSA (key wrapping; key establishment methodology provides 112 bits of encryption strength)
Hardware Versions
Senetas Corp. Ltd. CN9000 Series: A9100B (AC), A9101B (DC), A9102B (AC/DC); Senetas Corp. Ltd. CN9000 Series: A9120B (AC), A9121B (DC), A9122B (AC/DC); Senetas Corp. Ltd. & SafeNet Inc. CN9000 Series: A9100B (AC), A9101B (DC), A9102B (AC/DC); Senetas Corp. Ltd. & SafeNet Inc. CN9000 Series: A9120B (AC), A9121B (DC), A9122B (AC/DC)
) or https:// don't prove our archive is authentic, only that you securely accessed it. Note that we are working to fix that :)
